From 22286f450bef6a28a08f5ff527e3a4f040fab4c3 Mon Sep 17 00:00:00 2001 From: elijah Date: Mon, 16 May 2016 15:26:55 -0700 Subject: [test] added tests that use postmap -q to verify that leap_mx is returning results --- tests/helpers/os_helper.rb | 2 +- tests/white-box/mx.rb | 145 +++++++++++++++++++++++++++++++++++---------- 2 files changed, 114 insertions(+), 33 deletions(-) (limited to 'tests') diff --git a/tests/helpers/os_helper.rb b/tests/helpers/os_helper.rb index da9ac843..9923d5b1 100644 --- a/tests/helpers/os_helper.rb +++ b/tests/helpers/os_helper.rb @@ -32,7 +32,7 @@ class LeapTest # runs the specified command, failing on a non-zero exit status. # def assert_run(command) - output = `#{command}` + output = `#{command} 2>&1` if $?.exitstatus != 0 fail "Error running `#{command}`:\n#{output}" end diff --git a/tests/white-box/mx.rb b/tests/white-box/mx.rb index 6c0982ce..e0cb273a 100644 --- a/tests/white-box/mx.rb +++ b/tests/white-box/mx.rb @@ -1,5 +1,6 @@ raise SkipTest unless service?(:mx) +require 'date' require 'json' require 'net/smtp' @@ -38,38 +39,15 @@ class Mx < LeapTest # using the by_address view for that same document again. # def test_03_Can_query_identities_db? - assert_get(couchdb_url("/identities", couch_url_options)) do |body| + ident = pick_random_identity + address = ident['address'] + url_base = %(/identities/_design/Identity/_view/by_address) + params = %(?include_docs=true&reduce=false&startkey="#{address}"&endkey="#{address}") + assert_get(couchdb_url(url_base+params, couch_url_options)) do |body| assert response = JSON.parse(body) - doc_count = response['doc_count'].to_i - if doc_count <= 1 - # the design document counts as one document. - skip "There are no identity documents yet." - else - # try five times to get a valid doc - for i in 1..5 - offset = rand(doc_count) # pick a random document - count_url = couchdb_url("/identities/_all_docs?include_docs=true&limit=1&skip=#{offset}", couch_url_options) - assert_get(count_url) do |body| - assert response = JSON.parse(body) - record = response['rows'].first - if record['id'] =~ /_design/ - next - else - address = record['doc']['address'] - assert address, "Identity document #{record['id']} is missing an address field. #{record['doc'].inspect}" - url_base = %(/identities/_design/Identity/_view/by_address) - params = %(?include_docs=true&reduce=false&startkey="#{address}"&endkey="#{address}") - assert_get(couchdb_url(url_base+params, couch_url_options)) do |body| - assert response = JSON.parse(body) - assert record = response['rows'].first - assert_equal address, record['doc']['address'] - pass - end - break - end - end - end - end + assert record = response['rows'].first + assert_equal address, record['doc']['address'] + pass end end @@ -91,13 +69,63 @@ class Mx < LeapTest pass end + # + # TODO: test to make sure postmap returned the right result + # + def test_05_Can_postfix_query_leapmx? + ident = pick_random_identity(10, :with_public_key => true) + address = ident["address"] + + # + # virtual alias map: + # + # user@domain => 41c29a80a44f4775513c64ac9cab91b9@deliver.local + # + assert_run("postmap -v -q \"#{address}\" tcp:localhost:4242") + + # + # recipient access map: + # + # user@domain => [OK|REJECT|TEMP_FAIL] + # + # This map is queried by the mail server before delivery to the mail spool + # directory, and should check if the address is able to receive messages. + # Examples of reasons for denying delivery would be that the user is out of + # quota, is user, or have no pgp public key in the server. + # + # NOTE: in the future, when we support quota, we need to make sure that + # we don't randomly pick a user for this test that happens to be over quota. + # + assert_run("postmap -v -q \"#{address}\" tcp:localhost:2244") + + # + # certificate validity map: + # + # fa:2a:70:1f:d8:16:4e:1a:3b:15:c1:67:00:f0 => [200|500] + # + # Determines whether a particular SMTP client cert is authorized + # to relay mail, based on the fingerprint. + # + if ident["cert_fingerprints"] + not_expired = ident["cert_fingerprints"].select {|key, value| + Time.now.utc < DateTime.strptime("2016-01-03", "%F").to_time.utc + } + if not_expired.any? + fingerprint = not_expired.first + assert_run("postmap -v -q #{fingerprint} tcp:localhost:2424") + end + end + + pass + end + # # The email sent by this test might get bounced back. # In this case, the test will pass, but the bounce message will # get sent to root, so the sysadmin will still figure out pretty # quickly that something is wrong. # - def test_05_Can_deliver_email? + def test_06_Can_deliver_email? addr = [TEST_EMAIL_USER, property('domain.full_suffix')].join('@') bad_addr = [TEST_BAD_USER, property('domain.full_suffix')].join('@') @@ -123,6 +151,59 @@ class Mx < LeapTest } end + # + # returns a random identity record that also has valid address + # and destination fields. + # + # options: + # + # * :with_public_key -- searches only for identities with public keys + # + # note to self: for debugging, here is the curl you want: + # curl --netrc "127.0.0.1:5984/identities/_design/Identity/_view/by_address?startkey=\"xxxx@leap.se\"&endkey=\"xxxx@leap.se\"&reduce=false&include_docs=true" + # + def pick_random_identity(tries=5, options={}) + assert_get(couchdb_url("/identities", couch_url_options)) do |body| + assert response = JSON.parse(body) + doc_count = response['doc_count'].to_i + if doc_count <= 1 + # the design document counts as one document. + skip "There are no identity documents yet." + else + # try repeatedly to get a valid doc + for i in 1..tries + offset = rand(doc_count) # pick a random document + url = couchdb_url("/identities/_all_docs?include_docs=true&limit=1&skip=#{offset}", couch_url_options) + assert_get(url) do |body| + assert response = JSON.parse(body) + record = response['rows'].first + if record['id'] =~ /_design/ + next + elsif record['doc'] && record['doc']['address'] + next if record['doc']['destination'].nil? || record['doc']['destination'].empty? + next if options[:with_public_key] && !record_has_key?(record) + return record['doc'] + else + fail "Identity document #{record['id']} is missing an address field. #{record['doc'].inspect}" + end + end + end + if options[:with_public_key] + skip "Could not find an Identity document with a public key for testing." + else + fail "Failed to find a valid Identity document (with address and destination)." + end + end + end + end + + def record_has_key?(record) + !record['doc']['keys'].nil? && + !record['doc']['keys'].empty? && + !record['doc']['keys']['pgp'].nil? && + !record['doc']['keys']['pgp'].empty? + end + TEST_EMAIL_PUBLIC_KEY=< Date: Sat, 11 Jun 2016 21:09:49 +0200 Subject: add test provider for catalog compile test --- tests/puppet/hiera.yaml | 15 +++++++ tests/puppet/provider/Leapfile | 2 + tests/puppet/provider/common.json | 5 +++ tests/puppet/provider/facts.json | 1 + tests/puppet/provider/files/ca/ca.crt | 32 ++++++++++++++ tests/puppet/provider/files/ca/ca.key | 51 ++++++++++++++++++++++ tests/puppet/provider/files/ca/client_ca.crt | 33 ++++++++++++++ tests/puppet/provider/files/ca/client_ca.key | 51 ++++++++++++++++++++++ tests/puppet/provider/files/cert/commercial_ca.crt | 32 ++++++++++++++ tests/puppet/provider/files/cert/example.org.crt | 31 +++++++++++++ tests/puppet/provider/files/cert/example.org.csr | 27 ++++++++++++ tests/puppet/provider/files/cert/example.org.key | 51 ++++++++++++++++++++++ tests/puppet/provider/files/mx/dkim.key | 27 ++++++++++++ tests/puppet/provider/files/mx/dkim.pub | 9 ++++ .../puppet/provider/files/nodes/single/single.crt | 34 +++++++++++++++ .../puppet/provider/files/nodes/single/single.key | 51 ++++++++++++++++++++++ tests/puppet/provider/files/ssh/authorized_keys | 2 + tests/puppet/provider/files/ssh/known_hosts | 4 ++ tests/puppet/provider/files/ssh/monitor_ssh | 51 ++++++++++++++++++++++ tests/puppet/provider/files/ssh/monitor_ssh.pub | 1 + tests/puppet/provider/nodes/single.json | 12 +++++ tests/puppet/provider/provider.json | 18 ++++++++ tests/puppet/provider/secrets.json | 20 +++++++++ tests/puppet/provider/tags/single.json | 4 ++ .../catalog_testuser/catalog_testuser_ssh.pub | 1 + 25 files changed, 565 insertions(+) create mode 100644 tests/puppet/hiera.yaml create mode 100644 tests/puppet/provider/Leapfile create mode 100644 tests/puppet/provider/common.json create mode 100644 tests/puppet/provider/facts.json create mode 100644 tests/puppet/provider/files/ca/ca.crt create mode 100644 tests/puppet/provider/files/ca/ca.key create mode 100644 tests/puppet/provider/files/ca/client_ca.crt create mode 100644 tests/puppet/provider/files/ca/client_ca.key create mode 100644 tests/puppet/provider/files/cert/commercial_ca.crt create mode 100644 tests/puppet/provider/files/cert/example.org.crt create mode 100644 tests/puppet/provider/files/cert/example.org.csr create mode 100644 tests/puppet/provider/files/cert/example.org.key create mode 100644 tests/puppet/provider/files/mx/dkim.key create mode 100644 tests/puppet/provider/files/mx/dkim.pub create mode 100644 tests/puppet/provider/files/nodes/single/single.crt create mode 100644 tests/puppet/provider/files/nodes/single/single.key create mode 100644 tests/puppet/provider/files/ssh/authorized_keys create mode 100644 tests/puppet/provider/files/ssh/known_hosts create mode 100644 tests/puppet/provider/files/ssh/monitor_ssh create mode 100644 tests/puppet/provider/files/ssh/monitor_ssh.pub create mode 100644 tests/puppet/provider/nodes/single.json create mode 100644 tests/puppet/provider/provider.json create mode 100644 tests/puppet/provider/secrets.json create mode 100644 tests/puppet/provider/tags/single.json create mode 100644 tests/puppet/provider/users/catalog_testuser/catalog_testuser_ssh.pub (limited to 'tests') diff --git a/tests/puppet/hiera.yaml b/tests/puppet/hiera.yaml new file mode 100644 index 00000000..054cb782 --- /dev/null +++ b/tests/puppet/hiera.yaml @@ -0,0 +1,15 @@ +--- +:backends: + - yaml + - puppet + +:logger: console + +:yaml: + :datadir: /home/varac/leap/git/leap_platform/tests/puppet/provider/hiera + +:hierarchy: + - hiera + +:puppet: + :datasource: data diff --git a/tests/puppet/provider/Leapfile b/tests/puppet/provider/Leapfile new file mode 100644 index 00000000..c4c25b4d --- /dev/null +++ b/tests/puppet/provider/Leapfile @@ -0,0 +1,2 @@ +@platform_directory_path = "../../.." +# see https://leap.se/en/docs/platform/config for more options \ No newline at end of file diff --git a/tests/puppet/provider/common.json b/tests/puppet/provider/common.json new file mode 100644 index 00000000..c891fea3 --- /dev/null +++ b/tests/puppet/provider/common.json @@ -0,0 +1,5 @@ +// +// Options put here are inherited by all nodes. +// +{ +} diff --git a/tests/puppet/provider/facts.json b/tests/puppet/provider/facts.json new file mode 100644 index 00000000..0967ef42 --- /dev/null +++ b/tests/puppet/provider/facts.json @@ -0,0 +1 @@ +{} diff --git a/tests/puppet/provider/files/ca/ca.crt b/tests/puppet/provider/files/ca/ca.crt new file mode 100644 index 00000000..01df56a7 --- /dev/null +++ b/tests/puppet/provider/files/ca/ca.crt @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQ0FADBKMRAwDgYDVQQKDAdFeGFt +cGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgwFgYDVQQDDA9FeGFt +cGxlIFJvb3QgQ0EwHhcNMTYwNjExMDAwMDAwWhcNMjYwNjExMDAwMDAwWjBKMRAw +DgYDVQQKDAdFeGFtcGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgw +FgYDVQQDDA9FeGFtcGxlIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQCyW2rTcWimY288/Ddu7OPvJxShS1RInQqfq8hYy6hEK2QYn656dRDf +pJXgSYWMvWzSXWJiQkyA8L2+DDilFtccqToqnKE7IwYHlxaeh8OSyZcHl4YCpWJi +1rc7pysN/l/0pjsp1aKKyHEObnkGMev07uGmI8aOE4Yvd2K5LjBjlov5mNnbYEHW +j+hWctV6OcphnxVboqtTy+0Ewv5D56snLjUtedyB7Er4ryRjIrWOyd+ZSyi03zov +oY1xPXS5wSxCc6y6wOKt7/noIg9xxWi7XgSd3OVtPYRU3Io62lMBSzNG6fmos3Mb +E4ui5ma7IFCJlMEFHirVSBiHn2jwsDtSsrTl0JHJS5ud8Eve5vV0r/n07QsDMhj5 +ol+YDq4+VvOekCAH75GFYkMIzpgcVzC2a1Rq7JTkcnINAF/m47yBLPomItklHv0z ++I23Q+jjTaM2A+40T2K+YRLjFyZwrlCAScjMwPFspnGxfa02miYENhPV1TdTP/ap +QE7TSl6oFiNrTh7INHGvKgrZYRW598dgAWNKG4zWY8Vj/bIXR1lC8Lp6enQtsIsU +WiF+zl+xq6bRHg7W419qQowiD349gPXIJGlXEzLqjgLpmpFywrpzxBv6sfZgYT9d +OPATT+GSiOFYJh9K4/JIxOFBJhzDD6PribjhzydPMTojSJ2Xu7nsOwIDAQABo2Aw +XjAdBgNVHQ4EFgQUlhC2wfrVFzGrtuzcA0mkO+yn9bgwDgYDVR0PAQH/BAQDAgIE +MAwGA1UdEwQFMAMBAf8wHwYDVR0jBBgwFoAUlhC2wfrVFzGrtuzcA0mkO+yn9bgw +DQYJKoZIhvcNAQENBQADggIBAAKdSviiZY8tINlDSVrib0CyDbXymO5uTPRqsf/u +MC7/DYXlNFy0GHpX4Ls6GcJN5DdZAG0TaoWo5RkNerxqv78sGJsmPqWt55cpBPVe +NLpFmxcOmLClSDLBhSaq5ggbxULScee7MS1gPHqz1BHXmi7ZJIip4VeVA2e1E52F +J7E4Y36AJOdZYLgz50YOX/NZwSYBTMy7RI1MiqG/eJf1BjkwtSyO7FTjPXsdKi8x +HhtRr5udm7Nprq1eJUUDD0+z4kAeTe/LJeuhxc4QKzpVZkE1peW6Wlklp0cdLJud +7gUsY1GFnNhZDDQ3SW2ZJ/p2OdH35rX96cj+6VClqSQMbH4rL63tICLmAsEzPKwJ +57bGVUM822n4mh0vn79dam40vMw7wkTKqIKVyLhk30N5/73XczpoLhvVdKDtA1Aj +C6LseWq4CZsaRSCgk2VsEEYyl7M+BIREuhYOllsILneOTiCOCnU4EdnBQZIHdz3S +xhduafYXLa7RHkFMfOjtmhogXXpGyaQuS8IsivIowOxKoIZo47IhYRRAghrVN2HK +ZXrgftIHNfHsFLfe6iiQBgaRn/1w7xOIPVDBqlZKKAMQE7cvum2o6dJo03Sc4dIe +rvIU1WGNRLM3/AsbZ/7gqwD3INiNUPeuVaiRqvLvXnKfHlR/4s2wZrnKqUgYF1Go +arXF +-----END CERTIFICATE----- diff --git a/tests/puppet/provider/files/ca/ca.key b/tests/puppet/provider/files/ca/ca.key new file mode 100644 index 00000000..c022b19a --- /dev/null +++ b/tests/puppet/provider/files/ca/ca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAsltq03FopmNvPPw3buzj7ycUoUtUSJ0Kn6vIWMuoRCtkGJ+u +enUQ36SV4EmFjL1s0l1iYkJMgPC9vgw4pRbXHKk6KpyhOyMGB5cWnofDksmXB5eG +AqViYta3O6crDf5f9KY7KdWiishxDm55BjHr9O7hpiPGjhOGL3diuS4wY5aL+ZjZ +22BB1o/oVnLVejnKYZ8VW6KrU8vtBML+Q+erJy41LXncgexK+K8kYyK1jsnfmUso +tN86L6GNcT10ucEsQnOsusDire/56CIPccVou14EndzlbT2EVNyKOtpTAUszRun5 +qLNzGxOLouZmuyBQiZTBBR4q1UgYh59o8LA7UrK05dCRyUubnfBL3ub1dK/59O0L +AzIY+aJfmA6uPlbznpAgB++RhWJDCM6YHFcwtmtUauyU5HJyDQBf5uO8gSz6JiLZ +JR79M/iNt0Po402jNgPuNE9ivmES4xcmcK5QgEnIzMDxbKZxsX2tNpomBDYT1dU3 +Uz/2qUBO00peqBYja04eyDRxryoK2WEVuffHYAFjShuM1mPFY/2yF0dZQvC6enp0 +LbCLFFohfs5fsaum0R4O1uNfakKMIg9+PYD1yCRpVxMy6o4C6ZqRcsK6c8Qb+rH2 +YGE/XTjwE0/hkojhWCYfSuPySMThQSYcww+j64m44c8nTzE6I0idl7u57DsCAwEA +AQKCAgBGAzi186i+1/2MlP01n+wBrvecMTPOpUbMUuR8ZsWQrO/H8rbM/zM2dycW +OgYgryMOmPXL2HarjtUMy0NZGtQqPgvFOmLYEfGF/Ts109ljv5p3snU6iK1MWzjm +Q8LU5WvJX4+N5ny9ud0Xayo60lHrffI6A4UntGZSL60jQAxiq3Aa9HNgeDKgBTGQ +7db6+cCF/aqmo/5ZEI3j9p9VDJXU9YCOb22t2pG7eRTxjWhzuq75P9Wk2pO+qs4Z +C6TMXhX/p+TAEoNo//C7vNMPOAzasBdj2Jh+/0z4+vGQFK/MrDZeue302SxwDoYb +1hGxlwfGWgxC9AqgWoK2ik7pXGSMc/DyFJHswvVgH1I4wK1rkydDJphlgmYNDk40 +3mvpbQcNgcs5q+q0jrbFmFJHPyLa2z3hMnwZr+3BViNQULQ7ihUqpi8lWEyTKtim +fL3HbqGv2da/2HQtWUU135RQGBjQZBqcJX9LiCwfbdUI+/j+mVlDJyot/xXhJ0WJ ++6OKOVz443957QEV6df8YkRnnRkaTfvj86dNQWCStdIyiYHzaVZ64f8GDHpGOazv +ubiv2o3ZaYvKS1mGqBKdXxEe1Dxndtq2+rDcnx/jXZjaHjEALFaxKJdZIQPUqh/3 +3UTe8OFFVeAcA9w0hqPyUwMfq34DczeKVtCEEEYkDldPyZ2MIQKCAQEA4e5bcaUW +5n4joUGdgeCYpYyA6MGKJEahy5VeI4bs8/o36DHXFMLmmUrgI4tgy3r4GDG3CRcW +q0fVi86qXTqHcScJ2S2jsEuX9Q91LLIwxiun1qakQ9w8kCaYvw6Wp+rcfVXTAe5g +Px3i/Q6hy7Vhs1Usn0iuwCbrIvVpJ50gRul+QojLFcw5i1FLmCAU55uhj9u0h7JP +/Ni3cCr7WCYct8xknLKRn6BHOHodIJDpX1/KNyOJ21V5k47gRAJwlcn90/OSs2O0 +SIFfZQ8Gafvr7C2wMs0YvVXC3oXSlhMkYUJt1B6PKp92qxwiRsw5i+HA1LXbGOoc +btnpfJA4d3TREwKCAQEAyhgtsRmfVwXsQswASUvn9NNUJ61mZdpPMq9d4BSNQzSv +EjM3aTjuqGBh/r01VQm666hSFhv7yo3GIlhzjez8hE+SExSnHMw0MMCUEsDBki7e +SY3rZ0Dzj9FfGBYagOesyQQZSjFFSfmsnBRkrFkVwpJvA0nDMg4xYDaX6yyf8RFX +2teXdI2q2UcTNK5001fVOHLY1ML4ytCIG7gGV/WVSGo2V3VOA+Xl/VdII1hZfa1i +LcdCiBw65vsiDeROoG02F1v5xwDLei6A8JYmJEqOy73+ZgABe2Hk4wQx/GlEH8b5 +2jfNp+1L6aRkXFhAm3wfRWQsKfsYSB2XJxxB8RYFOQKCAQEAv6dc9viehoQ2YVKx +9Dy8AKNBrzCOqNsp4PMiWmzYkNaPmm69DyWOTDdSD5TqVXJJBu0VYaauWjmjkueL +aW5++qOtHQg0NRbLHt0v/uxhp5nc1J+j9NTco0O6i0gq0OLQi5nEV30JNEF8DkLd +SVriOChmo/AaHXJmQM+BllMZ0E2+B17XN/R4VBBwWenNEfPZh5lOeVXvuIN2iLZN +ZKdf8SJ3rt1j3s8t22DrWHbVIUy20zNYfDDz4xJueALB0q74nVWf+oD3rBHjBG1M +eZd0uHLBZzbIZ8RafD11OE2grMiXNjt+IyAGoHxLL1eK8XheBZMG+wmNeRNtl3cY +D22O9QKCAQEAx76kEqIXikSxYsgNFGTw61ugluLdDZh7pMYNy/ekM6Oz0hJLFzYN +NOCmmshaGSXX2SnxkCaydF4yUioIdGOipgebgj5seZsfjnwZHnvkFt86F4ss+04I +LcKr8buPEI9riPcDJACU0mvy/gVuB6a5Sim/jYlvY18B0G3FM81UfEk/A28JJEsN +bVnBktVHZMgwV220AH6AtrzrejImGvQBS6Sm90RbCqFE82Q8Sar+MKiZHFQQ30S/ +tyLKYt6gFBI9X1MqClYvxyCFksVlB4OlpZyxABHLZS65suOnoCpPCfV5aAS1wN9a +o6A3DcqweL1yjvxWZlvmgQi2KBLW3jl8iQKCAQB9S91mjvys1iwcz8sYneCNetHw +Axlr1pfoHUgyTy1/9ategbPkEegLCDtAYmILRBiVb9hnSnmn9k1fYIo3P3nja/vU +wJyYubpu9DshzlFRQ2GANpKixjm++NTfpMVIYpcBUjdqgqc501FPUYksbZkcpuDG +xJNAM3OzSkEmc91sVkjUhcjXovW+UWXtqxGn6/T9TcgE2yrhgSbz8rnr3SDHEeHz +GgUaQGXodg0kr3tLJSY/+FGuORL4mtV+0XQF7EbN8hC8b8B+bHpiIrWcMJ9OG7al +1UfkeqXvOByN3Itx489BtrizyYGRIrMCfguTBKNxe4J06If6mkq9GKC2hnM8 +-----END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/ca/client_ca.crt b/tests/puppet/provider/files/ca/client_ca.crt new file mode 100644 index 00000000..c1214476 --- /dev/null +++ b/tests/puppet/provider/files/ca/client_ca.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFpzCCA4+gAwIBAgIBATANBgkqhkiG9w0BAQ0FADBmMRAwDgYDVQQKDAdFeGFt +cGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMTQwMgYDVQQDDCtFeGFt +cGxlIFJvb3QgQ0EgKGNsaWVudCBjZXJ0aWZpY2F0ZXMgb25seSEpMB4XDTE2MDYx +MTAwMDAwMFoXDTI2MDYxMTAwMDAwMFowZjEQMA4GA1UECgwHRXhhbXBsZTEcMBoG +A1UECwwTaHR0cHM6Ly9leGFtcGxlLm9yZzE0MDIGA1UEAwwrRXhhbXBsZSBSb290 +IENBIChjbGllbnQgY2VydGlmaWNhdGVzIG9ubHkhKTCCAiIwDQYJKoZIhvcNAQEB +BQADggIPADCCAgoCggIBAL+WKlA0V+1aMjDKCwk3HaVJz7tk+knutrr3RtjwUshp +wPty3+t1WrTEtfLLUv6MNOFStTPv5/JKAtDVEcm5xVJ9DNAw8XBnouUnm77WrMa5 +t3Oa8iA6kL1GsdfCoAyKNSX7ArDlfumA/fakjIvPoRYmjplzsodlHISu5FqpHc+G +NdX89K6yzcjgMhRhCvHLrL9d+pe+efBDLab5I8pA0CGpaLfzPQiUNc2E1jn+ApSJ +Bkq+gVBscKcomluDa6rtP2UeGGvG1DkHtbpx1WA/a/T9Tt7ACFd1uIQ2Ob57MAHx +WgP6jD+Kj+/r9sA0iXGN/JnWXxpsVfYjbEFhRhL80Z3Rpj3Hf6xgUJbx0LUE34xA +CTAK/n9G5q+7oog6oSNx80AU6ihWoucARtrQpwrV8rMvEO+QAtT2DjQMShYupk+n +vHV1BTsigsjfywB2eGODKC5u6Ev91Zc8JEFmVvR+/tEP/XNzUTejGVi1fuABLILq +Id0rL37j/NZ9OyExGSJDIRXSH45gHMkjNlQlqXYJ4JiZZbs/8UHEv4TnwFceBBhM +lk8NwQE13B8F+/mcpaLaQ3X9AJzYBIh0CWkAaSKXmpIMSrOFlljihIIsA/p2OmOc +g1sumCK3IU8AXoUbzDM1EqL5/wE9jD+ns8Bsy4JR1FFZy1FOmQfacIJdbd46jkvD +AgMBAAGjYDBeMB0GA1UdDgQWBBSrXJyoXQRw+uwU274hxHyKeX6kgDAOBgNVHQ8B +Af8EBAMCAgQwDAYDVR0TBAUwAwEB/zAfBgNVHSMEGDAWgBSrXJyoXQRw+uwU274h +xHyKeX6kgDANBgkqhkiG9w0BAQ0FAAOCAgEATF/s9DHNj3h8O4IN0eUC6YiXnpGv +z3z4KPD5RYy9+O3uf+f6SxFOZZU5NU9GHE9VRenmerHSsux9FxEAGsCjpiCFQGXq +PKPBINyuR6TIDo+E/bl97Te0wL7aATiy5HFfQd41IoYPjuDpgb1Fc25w6iv9VeFG +WrZ1JLJp4wguZ6RKSSLhsBF3m+wGe6Mg89b1sdkCvFr6EVqlZZbOSPUpUjVYp46p +v3WP+Grtx9rBlJxqPpA7RPIyqnyiE4ovZcznz+9glgB3n1ufO+dSCVjkAEPxvmLu +Qj7Jc+rpNOE5xZCFBaqtCBaBm2Uht3OyHypK9UYLZ7QOAfrGnBdgLERkAzPG6Zok +yXuo0YTjHpdy5BPUD8VOahsj/2tzkMXkYmRCW9/dRwhfvi3QQHyQpsRZizmWXgTV +JWa6UYfF1B/rDt3sn+AjDCxhHeBe02YTw0MWG3frv3Gn2/JUESSQjK4Xhjg/DPxb +pLfhSLuq7WWqtkJsI0sZVj+GAdkbTgGjMLvj6+ckXpqE9V8eDgvE7KqYlSS2i6Sm +e3SofOC2h10D3pWtX1KSPUp20ClRE/MUS/YW9szKZhqA/ZNMX2eViF05hgqywYwg +GvapgFpn0mbBj9sOrBuAZX/r+U3MBv/Pj8ErdX/m20Bg/eIPBcHftS465Y9fjGu+ +apsldYNSrCZ30p4= +-----END CERTIFICATE----- diff --git a/tests/puppet/provider/files/ca/client_ca.key b/tests/puppet/provider/files/ca/client_ca.key new file mode 100644 index 00000000..160cad43 --- /dev/null +++ b/tests/puppet/provider/files/ca/client_ca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAv5YqUDRX7VoyMMoLCTcdpUnPu2T6Se62uvdG2PBSyGnA+3Lf +63VatMS18stS/ow04VK1M+/n8koC0NURybnFUn0M0DDxcGei5Sebvtasxrm3c5ry +IDqQvUax18KgDIo1JfsCsOV+6YD99qSMi8+hFiaOmXOyh2UchK7kWqkdz4Y11fz0 +rrLNyOAyFGEK8cusv136l7558EMtpvkjykDQIalot/M9CJQ1zYTWOf4ClIkGSr6B +UGxwpyiaW4Nrqu0/ZR4Ya8bUOQe1unHVYD9r9P1O3sAIV3W4hDY5vnswAfFaA/qM +P4qP7+v2wDSJcY38mdZfGmxV9iNsQWFGEvzRndGmPcd/rGBQlvHQtQTfjEAJMAr+ +f0bmr7uiiDqhI3HzQBTqKFai5wBG2tCnCtXysy8Q75AC1PYONAxKFi6mT6e8dXUF +OyKCyN/LAHZ4Y4MoLm7oS/3VlzwkQWZW9H7+0Q/9c3NRN6MZWLV+4AEsguoh3Ssv +fuP81n07ITEZIkMhFdIfjmAcySM2VCWpdgngmJlluz/xQcS/hOfAVx4EGEyWTw3B +ATXcHwX7+ZylotpDdf0AnNgEiHQJaQBpIpeakgxKs4WWWOKEgiwD+nY6Y5yDWy6Y +IrchTwBehRvMMzUSovn/AT2MP6ezwGzLglHUUVnLUU6ZB9pwgl1t3jqOS8MCAwEA +AQKCAgEAp4NO3+3Ea32PoOUnnRkZzKmq/jieNwKHtxX6VjhayWzeFX0tmBx2ANR2 +GiH5ISPKILFGSnEbJtfbemiyMuVBSIyaJXaFxDh5T0/Ad64QR3mek3AJAHD0mOo1 +GWfMtOoq6lh809r1iokEhSD+2kfimxF/YWCt2oBn3QNmGnb/37GDZOTVs+IW1+pf +Hz5yaVQiaPhs4TzkNVUnl3UC/BaLZMNREnWVCek82cOp4+7aprDgVX4YZw9JuH5h +6F4SR9NEuM8Fn0arzGmXVbuuS4dohz7sNQtGv+HoQYGAH7JqGWjDwfLRqcUncSmq +CAhnnGf/UysC4IGU76+tOcUplfSD+aur0FWCtKf4scfZR1Uh6inpN2WQ1r7c34vW +xKiRZDpoSRpDkxQaj3KQJeWEsAVSG+y1L9OgbKDjeGE/7U7Gt2fOKih+Aqt0l+xt +7Go1v99u0VhbyCWiBDF9XCMFzJBx0fIK+RfNHXEkkcoZo8kbnTMGgdoBqfCQZjIS +HRm9wysljMhdTYRFi1Vx8IrDGKNenc2USS1i31+6CQ6ZHoAZm5wvOxJ/nq3VS1I9 +MJDWTOQIsZQWHVlp+xq3hxBDd33ksQ91p/rsp38VrjYa7Bhd1Vp0xZUB51i4eUJA +WX1RPKnJ/omwsUXGsQSLAOR/xOYH+CcWTCu2uMd4oX5Zx84xBGECggEBAOpt9oOx +qHYtZHITFa+9htd9QWPnE5H5oUby/w4gPsymazY1raHETo6HWueByCQnNHDflSWs +3LOUnrt166wtn2yhaOAw8mrHDCuxwUUfloFyXRal16Sh2QoQDqiaAQrVzg1AM1Oi +kSBE//OB14YrAUrFFsPZpDHE76/+AOXqp7Ju+XKd0WUeX1ibQzMO6PxuUKKmH4q6 +2gZbwx5olkFb6AVY7dk7Yy0rrp+YxP4Js/JjoxjMu+DB1HOru/LAgCXU54cM3x+A +VuxE1D+KATVpqzqtDAccEyWys4hfZBlil88Schbenvo53IREB048KXw0mrVHeDDH +lIPEFwO4Gug+KKkCggEBANE3BwY+/8QDpgJ+EhEIZfraW9z10sQE5L5WIPwDLCnL +8dXLLW2ayfUtLRe2d5chxqPiAcjJranYR+hZXkbNeRAqWKJWn9QbCrYgqMKz3fyv +g9hiVS0rTM+rZmAgCxO9Wc6ZSBTcYjyXKe9NCeXYgrpEcNa0bsbdq99d4s/Rym6h +wofm7c3HAiPBLvduJ7MNnOQpvHTe2wfkf+Meq8K8WPX2UnIQXY+C5EE3FJG2PUrC +1wryWeVUraLyS3S9pGCUhMlsFJF0RXDp58nbVGvdcfIDfCcH/fjZD3PFpD2vUaJt +DhGHraxasYC4C+WBm4SkG9P+hYmQD6hVjD7BiewneIsCggEAN5r3owsr00Q3FBvU +xAeniUuLjB/Oc4yLpaGTwA0D+FTtD0GyOrGulH4koM8W4wRtmuxdmz8iZnI1KG/z +A7canpC2qJ7TkWI/T8ns9vFkKLYwwGN7/+/n5Ewkvfcxkhles6PryMXBuK7FK0Q8 +E/X1a3/OQ4xHNwroc41DN0XumxNZlcc7WMnYgdLqIJ1DxESCWeIfjy988Y8oe/kA +0uXy5fnPCPzeLGO1GuQIrd0tUqwxjntZgRlYxEsS3KSugMq8VDtIXVd6xrYYxi18 +1eeHlvZe6PzOyd1WWl2OB7tsGNDeQPBzMxUwaisctIDusihkHeWi66cbYhnL/7TW +pQnBaQKCAQAxU+QYGOp88M9HbyobUfuZdbqLEnqrNOwp5GzKfoT/JdLTMaB4YzKS +2B/1o1P3EkOfiD4bdVG45gGuSsPrta6BnTpgrEPq4qVX48NmhLomRcu0TRsAF2F4 +5VSx/VwfP1nZWFKieIPA/XMptORMiQvplxFzzf8AbGuFssEzdqdgBkuzd0NCbVWX +0IieVh6OHPuM4DpK4/CIn9t3VVfyBi6Db5xowGsO1zGyHqZ+5JT295F0R0fixmBa +Nv6Le9sx2lKkmxMOaHem879u3IO/GusuwJuZKE09SxBVn5fl41xAC65xe6f7JzcK +vlovtqtQTtEw3qXllU3bxq/WbBN01qmZAoIBAGjkBPKbUqj6b7dNd5PN/+BHvbP5 +VgNXnx3URS1OVUwqBWi/sFdPCW5JrTAUgsgsLKWzmzxYq/2Ij1CnTHGFSvAd3olL +6ycmkbk6kguD1mXpvvntJKQwAi9J3z6kNzjoy73PAblUd95TWhpqHwRHVp+C0hUF +03N2Xn10zADA7zBXwydEk7cFtOuw/pv27zrEqqwwYuNBkjfn9vOxDpT86D9ah66e +D3CyUM+xkgKp4nzVvbKS8530nxkWwonGJpou8wdHZ8yu5DrPLeRQIBLwy6XAVcdQ +U4chotKxL81f2UvZ6cA2FGpSQef76mcW643njxzndEfwQ5+twtKBzx0TCH4= +-----END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/cert/commercial_ca.crt b/tests/puppet/provider/files/cert/commercial_ca.crt new file mode 100644 index 00000000..01df56a7 --- /dev/null +++ b/tests/puppet/provider/files/cert/commercial_ca.crt @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQ0FADBKMRAwDgYDVQQKDAdFeGFt +cGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgwFgYDVQQDDA9FeGFt +cGxlIFJvb3QgQ0EwHhcNMTYwNjExMDAwMDAwWhcNMjYwNjExMDAwMDAwWjBKMRAw +DgYDVQQKDAdFeGFtcGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgw +FgYDVQQDDA9FeGFtcGxlIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQCyW2rTcWimY288/Ddu7OPvJxShS1RInQqfq8hYy6hEK2QYn656dRDf +pJXgSYWMvWzSXWJiQkyA8L2+DDilFtccqToqnKE7IwYHlxaeh8OSyZcHl4YCpWJi +1rc7pysN/l/0pjsp1aKKyHEObnkGMev07uGmI8aOE4Yvd2K5LjBjlov5mNnbYEHW +j+hWctV6OcphnxVboqtTy+0Ewv5D56snLjUtedyB7Er4ryRjIrWOyd+ZSyi03zov +oY1xPXS5wSxCc6y6wOKt7/noIg9xxWi7XgSd3OVtPYRU3Io62lMBSzNG6fmos3Mb +E4ui5ma7IFCJlMEFHirVSBiHn2jwsDtSsrTl0JHJS5ud8Eve5vV0r/n07QsDMhj5 +ol+YDq4+VvOekCAH75GFYkMIzpgcVzC2a1Rq7JTkcnINAF/m47yBLPomItklHv0z ++I23Q+jjTaM2A+40T2K+YRLjFyZwrlCAScjMwPFspnGxfa02miYENhPV1TdTP/ap +QE7TSl6oFiNrTh7INHGvKgrZYRW598dgAWNKG4zWY8Vj/bIXR1lC8Lp6enQtsIsU +WiF+zl+xq6bRHg7W419qQowiD349gPXIJGlXEzLqjgLpmpFywrpzxBv6sfZgYT9d +OPATT+GSiOFYJh9K4/JIxOFBJhzDD6PribjhzydPMTojSJ2Xu7nsOwIDAQABo2Aw +XjAdBgNVHQ4EFgQUlhC2wfrVFzGrtuzcA0mkO+yn9bgwDgYDVR0PAQH/BAQDAgIE +MAwGA1UdEwQFMAMBAf8wHwYDVR0jBBgwFoAUlhC2wfrVFzGrtuzcA0mkO+yn9bgw +DQYJKoZIhvcNAQENBQADggIBAAKdSviiZY8tINlDSVrib0CyDbXymO5uTPRqsf/u +MC7/DYXlNFy0GHpX4Ls6GcJN5DdZAG0TaoWo5RkNerxqv78sGJsmPqWt55cpBPVe +NLpFmxcOmLClSDLBhSaq5ggbxULScee7MS1gPHqz1BHXmi7ZJIip4VeVA2e1E52F +J7E4Y36AJOdZYLgz50YOX/NZwSYBTMy7RI1MiqG/eJf1BjkwtSyO7FTjPXsdKi8x +HhtRr5udm7Nprq1eJUUDD0+z4kAeTe/LJeuhxc4QKzpVZkE1peW6Wlklp0cdLJud +7gUsY1GFnNhZDDQ3SW2ZJ/p2OdH35rX96cj+6VClqSQMbH4rL63tICLmAsEzPKwJ +57bGVUM822n4mh0vn79dam40vMw7wkTKqIKVyLhk30N5/73XczpoLhvVdKDtA1Aj +C6LseWq4CZsaRSCgk2VsEEYyl7M+BIREuhYOllsILneOTiCOCnU4EdnBQZIHdz3S +xhduafYXLa7RHkFMfOjtmhogXXpGyaQuS8IsivIowOxKoIZo47IhYRRAghrVN2HK +ZXrgftIHNfHsFLfe6iiQBgaRn/1w7xOIPVDBqlZKKAMQE7cvum2o6dJo03Sc4dIe +rvIU1WGNRLM3/AsbZ/7gqwD3INiNUPeuVaiRqvLvXnKfHlR/4s2wZrnKqUgYF1Go +arXF +-----END CERTIFICATE----- diff --git a/tests/puppet/provider/files/cert/example.org.crt b/tests/puppet/provider/files/cert/example.org.crt new file mode 100644 index 00000000..7de2982d --- /dev/null +++ b/tests/puppet/provider/files/cert/example.org.crt @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFbDCCA1SgAwIBAgIRAJW2X9xbiBvmbN1kMlRVKtQwDQYJKoZIhvcNAQELBQAw +SjEQMA4GA1UECgwHRXhhbXBsZTEcMBoGA1UECwwTaHR0cHM6Ly9leGFtcGxlLm9y +ZzEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTE2MDYxMTAwMDAwMFoXDTE3 +MDYxMTAwMDAwMFowKDEQMA4GA1UECgwHRXhhbXBsZTEUMBIGA1UEAwwLZXhhbXBs +ZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDFuKIL//hf5cjU +m18q5fSUyvwtmWREJPaVp+CiWiGJHmxFAiWMGuAFRRChhZ4SYmnEscNda0f6ntPz +rO+XjhQeA05bIYD9JcFT25Jg4kSX4pQ0+pK2vuHqk4ascZgOOaq4fN8SXD6ZiL3m +CONDRzbnZVR2LqsdCbEqIuHlo7VK7MO8/9A+rF7wKLVatBtk25uSWMQPt0Q41gw6 +YTV447SltFH3fgUZnNR6p7Oxpsi3qEWlt2vZMIa5xdq4ge2dx1GgC8oSBx1XT/Yd +qu//GECAH5XsZsAaPXDuor1iTbWELzHyGrQ7V80e67lE2lxoaHxRCOE/NDUU6UXm +CqXwhdBHarHehOCGSDXvHEwAH5zpV77XOm2bIoZmCjM1fRk5p2S3GmXteCdvCxBP ++2wECnRXuwN2aICrBk7sZ9FieRsYao8GZN/A7ZY24pf7CMEBsgjYktTjAwUb21m6 +vmmzt93dEVJgkd8LASFmoXn+YAIGF0/fD5ZutlsAsBfodoCH9JKBi25nVVTEQW8g +TzUegTC3PUqnathWv4gZIYDG1ZUDxjk30beNmXV2XudASmP7NG4uSlQwGAEWn+cc +dzOnRxR0BQpkMMNEV/HmJVuSV5Ak4DkruSXGjLpzi30BjJ8obx85YAusIrhWRUrR +2oz6gqDUnwq3Nkr3Nk45iOEDC0cZnwIDAQABo28wbTAdBgNVHQ4EFgQUS7rm3WfC +psxoh4i7q0YbTbMZWuIwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMB +MAkGA1UdEwQCMAAwHwYDVR0jBBgwFoAUlhC2wfrVFzGrtuzcA0mkO+yn9bgwDQYJ +KoZIhvcNAQELBQADggIBAKxeVSMEpUOdBO1zmwd5NtugOlYV3/Gu9GqmUQdlB4FF +Wt6sKJmYYByNquKT79oJLb9dgUPw8qQiHCB+MAsjB4PpHvMRlpgrcDGsI8+esnfG +dJny+82aRIFZ2KnNbH8FchcCh4bviaY+DE9kyJNHILk0ujICXabR0G6ArVISTbyB +C+6BdFyKTT5zj9mtkiTgvZchlKCmOmvh/HeCONu6MGYbqcqp41RA3g1eEjFoROKO +wmf65VvfOBeb9VydOTICh/bJWRSmAMJqWxbOiV8+Ldufi0vXMcOhEfsyo316xxRq +1GMb5xVihtCxj/+qBKNoun4k9LTmUvComuPakbtEPT2QbxiTvqCbXsWHPoRwCKEj +RcFPsxWAnUslzqSl1b0oLaE1zNjBmB/Zd82i2MC4PncLC2hLHtAU1imRZKP6rnHx +cb1NyFLS0FmIPqZUz9qcY2Tj3GbjqYqRi/sXNKrR2axAUx+jGI/Ie7Zsqa4VZA0A +ZsiF0BGN3RTCYHuoJbXfEVFQ3o97JGNC3t07u9XhVuC0fjCiQu5PBbMRHSSvtBdN ++LSrhR5j4aiCmppgQSeTtoKSIS3EiOzDtawdewxhffK+co0pGnO3nox+iINvSIQ5 +IevAREmZ2ytjFDU/kVFFlINesFsLRouO37DUf2Kjxaa0RgkCBHpOnTAAD7bXiSaJ +-----END CERTIFICATE----- diff --git a/tests/puppet/provider/files/cert/example.org.csr b/tests/puppet/provider/files/cert/example.org.csr new file mode 100644 index 00000000..95e8b65d --- /dev/null +++ b/tests/puppet/provider/files/cert/example.org.csr @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEqzCCApMCAQAwKDEQMA4GA1UECgwHRXhhbXBsZTEUMBIGA1UEAwwLZXhhbXBs +ZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDFuKIL//hf5cjU +m18q5fSUyvwtmWREJPaVp+CiWiGJHmxFAiWMGuAFRRChhZ4SYmnEscNda0f6ntPz +rO+XjhQeA05bIYD9JcFT25Jg4kSX4pQ0+pK2vuHqk4ascZgOOaq4fN8SXD6ZiL3m +CONDRzbnZVR2LqsdCbEqIuHlo7VK7MO8/9A+rF7wKLVatBtk25uSWMQPt0Q41gw6 +YTV447SltFH3fgUZnNR6p7Oxpsi3qEWlt2vZMIa5xdq4ge2dx1GgC8oSBx1XT/Yd +qu//GECAH5XsZsAaPXDuor1iTbWELzHyGrQ7V80e67lE2lxoaHxRCOE/NDUU6UXm +CqXwhdBHarHehOCGSDXvHEwAH5zpV77XOm2bIoZmCjM1fRk5p2S3GmXteCdvCxBP ++2wECnRXuwN2aICrBk7sZ9FieRsYao8GZN/A7ZY24pf7CMEBsgjYktTjAwUb21m6 +vmmzt93dEVJgkd8LASFmoXn+YAIGF0/fD5ZutlsAsBfodoCH9JKBi25nVVTEQW8g +TzUegTC3PUqnathWv4gZIYDG1ZUDxjk30beNmXV2XudASmP7NG4uSlQwGAEWn+cc +dzOnRxR0BQpkMMNEV/HmJVuSV5Ak4DkruSXGjLpzi30BjJ8obx85YAusIrhWRUrR +2oz6gqDUnwq3Nkr3Nk45iOEDC0cZnwIDAQABoD4wPAYJKoZIhvcNAQkOMS8wLTAJ +BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkq +hkiG9w0BAQsFAAOCAgEAG0IpXLHZpgXtBZHEnGBghrucWnAuhRf0sXauboBVWnwA +5noESIIX/hNq9DdaBba684u1Qga+lZcFsO1Zh/K1Guu74FTNxV2jCLKcX1T+Ymx4 +uRJ1jcdCc+YB/f+ce+pAhFJei/6sKP//MtYIBHlbe8aGQx1yVPJ5oSb4yS9Hloe4 +DuM0bp6ZXhXFv4YxxxDbaTMs9D46AKnqXV0rLe8WwHH1Mbdxl0bi7roZ3/1NPYsg +diUMWQlnrR1d1xxUG7x+PJRpPcN3GmZQ0WyZoNrIQA7OLEg6nM8T4sQX5OZFdQrQ +KQJyX8+Cc8j/UtPrPIPgch6iYX32e+1wTAP82npw1KMELxRsxjX6ERl65apkADFa +w6LrCFtUQApWY/vZPz88udzSxVytJL4ZrHJxuZEG1WFE3kPY2Ak5LYw/IVxCDFsL +GVfhb92zkn5iUkULXbwjcTytK3IqXZHl05PW+etGtqbkdh99m8eH1HxolKEgtehm +l7FMD/JrC0GJWhI4Dl0CpvhAsV61pa8f1KmfGFTt+zpS4epSIItWTuSd4tzaXwNq +3K1zJaKHs16VWBFuhH5kle4QGRIuDRPHchBQQg0wgy/sfHuzqbcVNotGZ7qzvnRL +x5eXmWm1HaVKl1NpxbntMY4o9u0WgyzmU0VVsv+oWJj6J88T97rqTNg1Q1Uj8ic= +-----END CERTIFICATE REQUEST----- diff --git a/tests/puppet/provider/files/cert/example.org.key b/tests/puppet/provider/files/cert/example.org.key new file mode 100644 index 00000000..7ca1c512 --- /dev/null +++ b/tests/puppet/provider/files/cert/example.org.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAxbiiC//4X+XI1JtfKuX0lMr8LZlkRCT2lafgolohiR5sRQIl +jBrgBUUQoYWeEmJpxLHDXWtH+p7T86zvl44UHgNOWyGA/SXBU9uSYOJEl+KUNPqS +tr7h6pOGrHGYDjmquHzfElw+mYi95gjjQ0c252VUdi6rHQmxKiLh5aO1SuzDvP/Q +Pqxe8Ci1WrQbZNubkljED7dEONYMOmE1eOO0pbRR934FGZzUeqezsabIt6hFpbdr +2TCGucXauIHtncdRoAvKEgcdV0/2Harv/xhAgB+V7GbAGj1w7qK9Yk21hC8x8hq0 +O1fNHuu5RNpcaGh8UQjhPzQ1FOlF5gql8IXQR2qx3oTghkg17xxMAB+c6Ve+1zpt +myKGZgozNX0ZOadktxpl7XgnbwsQT/tsBAp0V7sDdmiAqwZO7GfRYnkbGGqPBmTf +wO2WNuKX+wjBAbII2JLU4wMFG9tZur5ps7fd3RFSYJHfCwEhZqF5/mACBhdP3w+W +brZbALAX6HaAh/SSgYtuZ1VUxEFvIE81HoEwtz1Kp2rYVr+IGSGAxtWVA8Y5N9G3 +jZl1dl7nQEpj+zRuLkpUMBgBFp/nHHczp0cUdAUKZDDDRFfx5iVbkleQJOA5K7kl +xoy6c4t9AYyfKG8fOWALrCK4VkVK0dqM+oKg1J8KtzZK9zZOOYjhAwtHGZ8CAwEA +AQKCAgAht6KquTP55o2g8/3+qshSt2rZu9bFaChEzSQZi5U8dNuxyPPuOIcLXwO/ +B7I1IGM5D7dpLupPatZqL4uMJMZ5d8bc85GzmcSmMEN+EhfwbssnXbO3RkXwYsgM +kDKF+n+KhoDj+KcUN6VqnQlkZ7iNLVKB9ONpSEXWEazEJG6+IDIhAN7aUTq/abHD +jgM959VX15tXssEHkDj1m64qt2oO9/kiY3MrMvtpD0Atg2unJiL6Z5UUrJnNBFiQ +Llf/GAZrbJdBC8WNJi2qUYQr1E7rindeoQcRcnjXuRjisq3JpOK3jqY9mHN6Wmh1 +vWcUxvysNP90b8q9jipFWHuD0M37kq+BLn5Bub0ypiIkId0CUnAB9MBYcBJlYhai +ZwI1fe0uGFD7XlJbHexTgnLreDAo3FR9CIUDo2HUWqmUNWadAl/rPNRe6+QDDvmP +5v4HiFmSuCjZJOu9x2z/ly1JzM+iCUp+q6BxYYYW/5tDLYAw7sl1uaiLTzZuhrrM +PlO6DNLAQhMn29jeszPHt7iXHdHAHAuYSeHpfeqnAV1qB+6x7UFVZjbDxXkt/Sn0 ++LvCzJUQOwQNlnnzIwVdn8phS3r9TN2rI3dtlvPMWJqgBiheJ9qn2tHjjoPETt9I +hfvw949Gi65D+AFSzowjNUFwDXzphOwETv5tpKCRROhdBRBdwQKCAQEA+L9RsVqT +F+7HyGza+F53mgED5SQoS52vRA2OiAbCgiNjY7JH7bqIpuO4RlgqKo+GKoboCP6D +1CmVGUm/Z8wYspzQs15O/jUO1bZ8KFREt8TquxFtikwyvIXQhUdJhZYUnhfMzV3O +sH1blWhJnSX21rxJWlrkN0I8Zdkl6mjvFa97Kr9UA/pdZd0qgIw5Vi7MFLPC7j2Q +YmTPhNsb0oZMJHGvwENUmuCQDhGiRhQV06R963mTMvxY7LWqUVf6dr7xg89Qt5Yo +AdSHllOxHOMTAa+kZNF1N8UM9S2iJSn6ZeUEOXOJEuosghpE/QIuvo81Txm63G7e +BjU3H7cFqDetfQKCAQEAy3xy2cQ/+GlSIbwXrzBr483Z0jXnvknlCJMh+NCTXObk +idOhhnIuZu+JoAovv2AfKNPvYXotmb1xxmws5RSrlZDGiQQzEwvJPeLN2DnUGqzc +ZPenu64Je6v9L35iRMF8vyx3xf27FC4zmR6nLuZbgfEfQdModqCbTpzh23Cl3mkM +IZFYPhhfnh/pcwccuqfOn0Adt+1X3jvp3QzCh1jkEjhaRB5qjt58nlmxA2EKYv1w +OzSTH9owqsCMmdrqzR7iKh59LrfOfggJbhHCyrORZ/S8h5lwqIk3+zLMrwGSvkXL +tuKLXtkX/Xy98cbHwk5M/bf3hH6I5njlsssFsS8+SwKCAQEAxCzu2raaJ1fUDAd9 +sj+eh8ChN8gKV4hmv38Jl9Hs+QG70ta5z407VJNns2K47pP+te9rdBx2D48z3ZvB +7rSSDduK5MtN9UIXDwk6Zfv/rgcJMLuP7nAl23SVfWc5Xrd8TypqBNUkuyBCaFS1 +KdDVGYmpOC9SqRn91D0rn/FeDXY15wK52eFMY5fHe1YbqhKCNRmIdKftBQyIdTjw +elocFunqN/Fh+jt8oPvbRPV2OVITVPCu3JkT8KtdRYXjLF9uzgtkl0U/DCJ3RGGA +301eogfJ2REwJumrTHnO1QyERHQXns+1nUs+CuV43ykngHYlDts1+b8eLzss3EBV +n9M5aQKCAQEArqKmmtg/on0ZPNSFaxfecEq5lxwmQHyAsMQ9UqIG5qNOHi9fn9gc +lMEdVxmG8vKWq16AQiMuQZSBsa4jNZNw0tLGYM8W2lCyLIea6+htbVtPZuPYs0zg +3J+1ke4gfiukWRnbzTM+PEqOg+n3x1txy2pZzg9f2bdqsqQXflIGOIPlImXv2pLm +dPmkS9Edyd+8h5XqK3DpiVPYGJsb1Dbove5ZIb8M6oJtZyVIssK0vFIP4O/1GFAU +lmbcBCsKenH33ff+rXqYIDfbh/h8OaS0tQgoSSPZuPrS7aYiXku2Wc/izplMzWD5 +otZM2dQkmlDC6LjbF33VFh9J2xE8WF1YUwKCAQAeJYro7nBxM0eOmof1ty24UPfg +jx72sH/FpgKIyvZ4yQoreNUc4TVsy5QMIVd0G966CRgvzaE0vcBHm//7YCXHtIa9 +ihqmYDo7SoaF7nZNjxJIxyQVPY0+Kntkwz0XAX0IbJ0nMx+3x6d5UhbQbxFVKe7X +5WmOMb0ro9NLaCvh5IUxSHsG/a8hYRqoX3tZbPRvTJMZMTMxWslsscWINNu/80KS +ggpD9Uu9hdVwT7yavl6JKC3ypRdBzmpKZfiLt5CTFex+XGIgKLHVqbHxXu487YsL +AlexBvk1/RKMTHIgUl7uMmaJsUSD+ME4SWuU9cW115kwp+JBMXES4ZfWnRHZ +-----END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/mx/dkim.key b/tests/puppet/provider/files/mx/dkim.key new file mode 100644 index 00000000..0dc069c6 --- /dev/null +++ b/tests/puppet/provider/files/mx/dkim.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAyrO7MRuCSyM2Iz5fXT17q2rpP8U8m4zE98gShMAzzKFOUjk2 +WldOzVDrNVMc6nlIkBifNpk85SCdgc5GRCWMMHifbKTWjduK9pCTtvIOVPq9H0Ak +mgqXEgoVurn9gIxfUk2zpr+TzE9r7/U+O8ffmtmZMKbWldvvqwfm3rLRBUpvi9EH +KWjmqEp9I4x0mXzkwRzoyrN0xZB2pLJJVlg/edeI7omPaqRRbf/OWQb1CHK5g3Yo +l1zlnBEG4X7BsIqqvaKfPT6Zp1AM/QP5qJESjvLyEf5eguWSeU/kyUCtSLZqigxf +sYqcClN7gWiQ1j5d3vkpv6xEvLZOL9Jhg00FnQIDAQABAoIBACZMxX7m4ryNv6nz +HBPDDT37am0ZOHVvqLvkutMIegEdLW5Nzx5Mxt/2fSrLNHh9SB+p91Naqu3kNr6T +GiXALnfuIrllgAC3zc7+zFpR7DFUWy2vcfsFKzxGWYq5n9ONMmmbsuk745JEI3Ho +lcS35GEe4loV/A++yc84JABKK0JjUpXeafXr21dNGNe0mv0j/0zM8jWzZ6QFneeG +0MpZMP4rR+STe70n3Cgqoue0IDejt+N/jA6Js6cYV3zQgDX8sQVPR3saTaYMrjHH +UV7qj+tvzgUxMp0XEzhAxNKsHpGSwyDt0X2RPFj1Jye9OSLHV+p4Mbjij+9p8ZUB +robaTGECgYEA/SWNspWkyNSGE9YNErxiFL6WUGaXgJgoPNA6R/i5KoC/7jv8gn4X +TeZ9a5b+JHt5fSy3Ph1Pje8T3ZLDl+7Oahr2/Xh+pmcQ3Tb3gEA30e2dmQgLGfcD +wIa/wr+FpW/DofdjXtdVMyn9urnTiOYbPaFVY82z4OcQmFF/kMfSKAkCgYEAzPyf +FToGs1BmEz416js7QsXNdr3sQMONsBRVw3H26qWbYDxaT6piHBwNfw2N2awr1WFc +6XuQ93xymHHwNfb4vjTOI+vJLPwZo3P8KOZwDwjUpVL8OTDSXt87yJMbcmexLATS +Asmnoe5h8rVXHc+BJ8UR0HdkJN0SVD/LKlySTfUCgYAVm5D+v1szcUCIjOrMwJu2 +nZYDAt7HsTUuC7AN2KMlh5vaX/Brywt+MMBf4KGMx6VVE+4INURHHzMY5KAhZdbk +o6yVciWNWprL5xc1MUYSey/Kki8wZi9Bzb6shuCHgIS4XH905vh0x47K03XE569H +kW/Sdwp1lgOKnNpAp22+0QKBgEZQIQFW9hVr7peLL1M5Hgq5btDcNL3CVkefsgto +fBng1HseOJw7BYw+0yJRs+aGeEKpMwWjrQY3WdeQvaTFIm2cD1mi907G6sR2dHhT +Ev0VOlu7K2kypfaE/CzAyRllGBDRVng+U5HoAxENwuQm2Vaa8pFfYqqCalcbysSt +HEJBAoGAS/liytZxCp9v8RCNyAOo8JPHPw/EdPGxuk5lP7m4iNbB1O9DqvEEmR4l +RzgXcAPgIAy5+TEwUQwarqbHe8fgmGziMP4xtntN2X+epreD1fWqfTHphO2njaDT +SKMlO5hUVlQXc7/J6DRbFzWFlEngvqNx+PzM5VlEYc7mK6xRSjo= +-----END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/mx/dkim.pub b/tests/puppet/provider/files/mx/dkim.pub new file mode 100644 index 00000000..bbd32086 --- /dev/null +++ b/tests/puppet/provider/files/mx/dkim.pub @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrO7MRuCSyM2Iz5fXT17 +q2rpP8U8m4zE98gShMAzzKFOUjk2WldOzVDrNVMc6nlIkBifNpk85SCdgc5GRCWM +MHifbKTWjduK9pCTtvIOVPq9H0AkmgqXEgoVurn9gIxfUk2zpr+TzE9r7/U+O8ff +mtmZMKbWldvvqwfm3rLRBUpvi9EHKWjmqEp9I4x0mXzkwRzoyrN0xZB2pLJJVlg/ +edeI7omPaqRRbf/OWQb1CHK5g3Yol1zlnBEG4X7BsIqqvaKfPT6Zp1AM/QP5qJES +jvLyEf5eguWSeU/kyUCtSLZqigxfsYqcClN7gWiQ1j5d3vkpv6xEvLZOL9Jhg00F +nQIDAQAB +-----END PUBLIC KEY----- diff --git a/tests/puppet/provider/files/nodes/single/single.crt b/tests/puppet/provider/files/nodes/single/single.crt new file mode 100644 index 00000000..d51bbcc2 --- /dev/null +++ b/tests/puppet/provider/files/nodes/single/single.crt @@ -0,0 +1,34 @@ +-----BEGIN CERTIFICATE----- +MIIF1zCCA7+gAwIBAgIRAOa9uhf564pgUrrohRezgqswDQYJKoZIhvcNAQELBQAw +SjEQMA4GA1UECgwHRXhhbXBsZTEcMBoGA1UECwwTaHR0cHM6Ly9leGFtcGxlLm9y +ZzEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTE2MDYxMTAwMDAwMFoXDTE3 +MDYxMTAwMDAwMFowHTEbMBkGA1UEAwwSc2luZ2xlLmV4YW1wbGUub3JnMIICIjAN +BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3fVrTjpcmFuQG4bdI/cdptdpXoDu +a1X03i1WfLTPm7mdeqrMvFR8/6ReLobpb+GYkrhqIv0X8M1PIXUgbblZK3Uo/jhy +GINaNUUKkH/AaAi0g70BLYwDk6kXJ+mSuoEWQBKN6OdfHCsynFOg8B9B+ug4WEyR +JSWNrK6jF2N551/r0DHOLJgqDEr/rIdXgKbsmeLa7k8jHslirkwNERtr1qLMMNI5 +OFb1Qb/rIqL6q1oypVbPIVTv7Dw7wcSyW9P32WeyyML+eDlJQloFY4Fg96gGX42q +voiJ93C4tDBs/RbR3jrBEBP/Y52BOGB1cQaBQSfTRfCoJoEUpjeczevq2+YLwawI +ADchQjKcPXfJ86Gt9uHbdQrPM0JhNBkPtzCWRkLpS0l4dh/H8p+6jjHmiVe7ulXT ++rSOlucViB5r666a+YEY+v7IGMV9+f/LUXJsxKrl4N92r7GbGzcnX9cNKLGgxN+Z +ye/MTdzuFBQ83xQ6d1ITk/N4ohkghTb+64DYHjYsisP4/513cFFLnWx74rm9eDcq +UvljkF9POvnqJkCICLZLne0daaWxiSEw1HewfMZxh17esMp1eMXJGDoGSYAwDrsH +3rETBzHhqPrPuqtEmyzNS85o6Vf1XOi1kb+UuKE7dik5h7jcEqpC5LOu5EqJnf2N +MhJriuP8Mn0rKh0CAwEAAaOB5DCB4TAdBgNVHQ4EFgQUAl+3oyuiC9uG1iqlefB5 +7/w8uaswaAYDVR0RBGEwX4IPYXBpLmV4YW1wbGUub3JnggtleGFtcGxlLm9yZ4IT +bmlja255bS5leGFtcGxlLm9yZ4IQc2luZ2xlLmV4YW1wbGUuaYISc2luZ2xlLmV4 +YW1wbGUub3JnhwQBAQEBMAsGA1UdDwQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD +AQYIKwYBBQUHAwIwCQYDVR0TBAIwADAfBgNVHSMEGDAWgBSWELbB+tUXMau27NwD +SaQ77Kf1uDANBgkqhkiG9w0BAQsFAAOCAgEAOpy7sY9hKuHmvzyRSLdYipQiAI9a +I/jpBQQ6/lILOQVdhxKp9fnoTHowub6DRLJx3xFp3PywCXanTucPUylhKHi7w3Us +df0A8riUR7haXVJrHL2mCLlb4CyqdMyJ7eWRIv8DaUhdgPdX1d2LqDYWmbeDQeiV +HJJ89dFGXmiaH/9TZgPx8hOnZuF2dTy+eoVDYw2McCYJw5xIHzFlhK74jbjM1oQJ +xKItzb28/xOre4hsgi5S2hwIwXUfXkkbwI/KZaE9pC7DXa4KSmmZ48W5hJZS3pIU +A7sTvkGB3xidsQGKn4+q33GvexWZ7YeXMmdeaz3uWgDyBgTKTI0dZb9VrmkjwtZ+ +AxgBCm+vYG+XZ30vKDPYfgadhE4z9CA3RL9Sd2SYVEy1jhZ0TE3V+xT9pPvaKraz +l8fFZ7DvBvufbGjZFRgES56G6qgGs/CwdOkjfvpF9J/WsCTMceACyLKl9GfOZQHF +2TBbJAv9WGJsTFdPY4Qq1tq2LosyPWKEj4+v3lxkdgkDN3QvivTme4gm2Ps0EkjG +6u+0PtkFVHZ47Lz8mNx0Lmj6N6Rai6btTOSXm2rJlVDdRqih59oWuPJruqoU9S/z +Rul0Er74Sbf3iiEsmFlQpm6RqxcGwjhE6iv1pPa3ksFWz/sUQ50iW1jXaA+N4DC0 +TCnSHgbeJfatvMA= +-----END CERTIFICATE----- diff --git a/tests/puppet/provider/files/nodes/single/single.key b/tests/puppet/provider/files/nodes/single/single.key new file mode 100644 index 00000000..c248e4cd --- /dev/null +++ b/tests/puppet/provider/files/nodes/single/single.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJJwIBAAKCAgEA3fVrTjpcmFuQG4bdI/cdptdpXoDua1X03i1WfLTPm7mdeqrM +vFR8/6ReLobpb+GYkrhqIv0X8M1PIXUgbblZK3Uo/jhyGINaNUUKkH/AaAi0g70B +LYwDk6kXJ+mSuoEWQBKN6OdfHCsynFOg8B9B+ug4WEyRJSWNrK6jF2N551/r0DHO +LJgqDEr/rIdXgKbsmeLa7k8jHslirkwNERtr1qLMMNI5OFb1Qb/rIqL6q1oypVbP +IVTv7Dw7wcSyW9P32WeyyML+eDlJQloFY4Fg96gGX42qvoiJ93C4tDBs/RbR3jrB +EBP/Y52BOGB1cQaBQSfTRfCoJoEUpjeczevq2+YLwawIADchQjKcPXfJ86Gt9uHb +dQrPM0JhNBkPtzCWRkLpS0l4dh/H8p+6jjHmiVe7ulXT+rSOlucViB5r666a+YEY ++v7IGMV9+f/LUXJsxKrl4N92r7GbGzcnX9cNKLGgxN+Zye/MTdzuFBQ83xQ6d1IT +k/N4ohkghTb+64DYHjYsisP4/513cFFLnWx74rm9eDcqUvljkF9POvnqJkCICLZL +ne0daaWxiSEw1HewfMZxh17esMp1eMXJGDoGSYAwDrsH3rETBzHhqPrPuqtEmyzN +S85o6Vf1XOi1kb+UuKE7dik5h7jcEqpC5LOu5EqJnf2NMhJriuP8Mn0rKh0CAwEA +AQKCAgBT7k/LXwpQmp8dqZvJ09IkmuQ/ViXR9MkJkr9XnM+8pS3FivysYo555N+w +XFe9dONK5+1KmcYJyrkXf8DpfOMZKc58gz+xwUnFRvw9s/E/5brM7hWZ8Y4QsioN +b6eKWvHc/Kco4QT4E+Wpc34yDr/WbyWPTjS8hTzThZ4qY/Ve5si3C35ZIpkT2PBh +fzQ5c+WYM05yOv6ez6w/GIcAZwwaN6la9MOqaEeJu1bg3BxJ22u3VeIxSnsHK6e1 +F/oR+0+HqEzU2dd8Ar2PF5deDzhpreHrFBjyv5LcPIW7rWwpMA3gKPuEZut18cNB +XEhMmxcZWkPr+Jq9JKZ4TCNBQuql1EWsKuzhYak/83oZjw+6imsDzHSRkNWOo2Ux +CuY8QKD5zCtaOTzPx/K5b3sIiI1VMXsh5tg0YqrIyJF0WrGNLgwXOmG19V/DEZ81 +uCiTB0QEyJmk2xyEONEnUDT4f+WHCjSh6c9pJ9SnY3qKXUftTi8kywGwbZ2UNXiQ +n53uU5JH2Fi3uFkbY8JPhaE0pSx0HG5k5flWTKeqPtt8Pto/1Hh3p0+oFBpHJ361 +HXhCkPxYLt+tUbtahnxavWlzLW9p1pIcSB7HW+me5LiCIq4UFNfG+spftDA7MymA +r09kgYHOShTplNfaYCcgILBASdF6NTI8CRl2Z4M2ZUOWrp14iQKCAQEA8d2MhWO6 +ovKGkksl7uGHpbXcgpnPZxlLLazdG43t8Lx7T/fxZJcB4xGjY4u1YABIP0rMahcK +yPsZkaNhXi4KzUXHDxh1QRWMwIpvsu/QSYpz/ksPgoAiQTE+nwPsaHVL4WLPdXFn +7UGQL33/bdc2md7YHRnmFMK2PdS+XlOscjjNywoKejXhJKGlmSlD8+Itp8bb6TmN +YFQuclX+coKJTfXrVhrFi0lhvuWjYq/30eZoFZnnIOxyinboG+2ESLiceqMbEBcB ++63EMMN70qPMSrni7xJeCPCOFZAobJHkAIxTU2JyomFmIZEQyCMK80MZDZge+jeC +x0fmOI+sCaQO1wKCAQEA6u4NpH4WsgJhKycJrjTzfiH6miznbXdPzkFMrg4ziXiK +f4X0oe5bKyVSqZ1wzOFhkJjkernTUUtuwR/KW3EYpWe8mEvYiSQR500WkYynMlsy +e70zspseFnc08ZgR+BYWIKJTEAZDURgF7Lh5uKhdG8quSYw/h//4GOWHVc1A5qjI +UtUmGHVgqIBOvQChGI+HfBbeNOCXlnpZ/J24oYjjuMf+wnpxahawLk1+B0EVaKrP +V7yJ2ju/1QcVx4DKhIA9IF41sfmbVSvMKeL0nlMoLLpH/Rdbc0jiwUMYwCbcvSD7 +wKTPHUwgGngwL0P5oSooBA+1kA5kRDONcVPmGw80KwKCAQBuANS7iktFd0arXNBo +4FxgiuE66RfCjWd646dAtAGnPyJakatRk7jA/LGyQcWBXz98wdlM2yQFmubbLVLI +kepJyFWr0PTrYBC/NXduC9JQ0E7HNn5cXUi3G92eVxt7uvWDEfzHLogVCX+5ifXV +kE9+FjN2sOPLR2+5mXvnzOienqVCllODl+PJVFfL3E/SqWkYaMJ2Rb2+NStWxzPO +Av7N3W5moBB+tCZnu2vfI6dz6PYn9PKBL+k8fq48nX9Pz98ji/FwFPbK8BJOF2rG +t8bfqcHD+Deam0YUGpe4IXZwpWH0h88ZeXEJDUBztjRxxW+sliZoqTyqxFG6IeYe +EGbLAoIBABq5T6X5jd1b9e+xtiEx9szPUrF9ECpcmyBsPyvBg81Mf/y3oTdWZNqI +mVmgBjfYH4ASVFM9ljM2MHgZhKxYNiSCo2pznkMjbkHwe/O8mzxYMWrv/9R+XrLR +hp1A3jJpWMUHkglNnRS5ddsStQ3zYPwLVz4YjRWMYY17dqSk/4/9fSQnCPlZSNCC +H/LSAoFHunK8KzS6o6PDcT8SNfFyH+1iGrHGueYGhK4PtJlgpu3MGF/zm37Osyip +cKnMFb1y1QE8lkETkr7ih4vwPEFSVkyYOB4rLQT1Mo4ncsZQ5WVCPkEQvlqn0TMR +nvGRevEBWaH0o4Oqj29OqfVNROypExcCggEAdbEvcV6S28a73X9H+kbWAm5TJ8yH +f80/OXaRS3bbfuVF2nGyHYuD7MU/gHdV15mzH+J0W5olatKwRfnGFy54JTl2mp7z +8zvnNBy7L+0ZsTfAvZVskRCSJ4ACPFkFVidJei1fw90y5+nUpR+6motEywa4vqfO +QsoqaKaErGTagNWKygH61A9lO6d0hrRFXeMXJMn4ZhIjoUWRYHJw4nK4nHJjq4t+ +TfnxED+lvaC16nmQJayvQwg8kUz46YFbGc4ieQSlste87vcsSfbTPBnPpNmxpK0v +iPt2DD9o1djihRin/WnslcYNM7F9zABzJTr7tPfu0NSwnOQqYD0JMl4btQ== +-----END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/ssh/authorized_keys b/tests/puppet/provider/files/ssh/authorized_keys new file mode 100644 index 00000000..534789db --- /dev/null +++ b/tests/puppet/provider/files/ssh/authorized_keys @@ -0,0 +1,2 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEbZADylg5xTxWIF+DlAVNLuNugSvsb1QWlSKwfIbJjmsln/03ThQrsZG0JhL5F3/2epaahXhK11Uf2tcUsfE+9UffP+McYOKvZ9GmTLBpYZUyJT8XRBK/rthuig050xpNpxqlYTCbCM7QCkOseWp0FnAZv+CHXBbuVSkGDMc35nM1TxmVWHuJxiCq/XXg0CN/MD5UY7BWkJbWrelHxzTyVImB+cxRnaASaMk+LMLplrVG8jGTMSRFWea2U3iLrYnppLAsowNeXJ+NqKUXN9lo92OUDmKMy8Zlej/NRYJpAlLyTVzS+SPVqsYdnQn+3myj3SrJwP2PlDyzycxhnmttzULu4+zHbLCoJXB3RK3VJNw2rh0VNkRzl51ooUY2MLR/OndkbMi8TIB0kyKZcVwLXQk/5MGCitCY2sfuIY1+yuvxvQ/rlev0/eyikQ5KSew42hUGIf/0ygN3QK5Vj0DRmaYTEHyp/a5z2WXb9Itx1faOif2ZfnMEjYQ1wad7MeAa/iOnc8poGiSY5o6tBY0PvT9uBeigOZNTv47rdJ6Y+gmF3BIKIjhBTZWLloQQ7P3rqr6GLbFNd33ob3+qg6N2UEFlOHBKwXoUMZ0aN1R76qR8ZBtrJtYddt0clqYBaeoC1/AcNtKRKErB8kr4Gq6SQcah76XTNet9Q/4NnmtzGw== files/ssh/monitor_ssh.pub +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDew0EcUpfLjAAZbg6tkl5yRK/wya3TZugS0fbtC0ksG+A114XHJvSZH24nDAUFvV13SoGs5HunvXwnbt2S45Di8GPQXos8tLFP+Eh4ypnQJJaunYidEuYK2CG38zOGakX1y/ppKMrGAO6GiUi9ebR5DcJrXupyJBUsmKNsiV1sfekUvcFGBT5otZJwgNriIa3FjEDso6e5is7SfaBHTKAAXYKdnV1J89Y8lwuElrdBaW3N5q/IrNVt0d3LwOKCgupMz+pRGNAeOAXkAMwXjrr3RIqrnKpxAb32CFBh5MmSDMWxU3UInH+iyMUklMrJfUWfvEUF87dkJi6wWcck/VyB users/catalog_testuser/catalog_testuser_ssh.pub diff --git a/tests/puppet/provider/files/ssh/known_hosts b/tests/puppet/provider/files/ssh/known_hosts new file mode 100644 index 00000000..50bc01fd --- /dev/null +++ b/tests/puppet/provider/files/ssh/known_hosts @@ -0,0 +1,4 @@ +# +# This file is automatically generated by the command `leap`. You should NOT modify this file. +# Instead, rerun `leap node init` on whatever node is causing SSH problems. +# diff --git a/tests/puppet/provider/files/ssh/monitor_ssh b/tests/puppet/provider/files/ssh/monitor_ssh new file mode 100644 index 00000000..81ff75e4 --- /dev/null +++ b/tests/puppet/provider/files/ssh/monitor_ssh @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAxG2QA8pYOcU8ViBfg5QFTS7jboEr7G9UFpUisHyGyY5rJZ/9 +N04UK7GRtCYS+Rd/9nqWmoV4StdVH9rXFLHxPvVH3z/jHGDir2fRpkywaWGVMiU/ +F0QSv67YbooNOdMaTacapWEwmwjO0ApDrHlqdBZwGb/gh1wW7lUpBgzHN+ZzNU8Z +lVh7icYgqv114NAjfzA+VGOwVpCW1q3pR8c08lSJgfnMUZ2gEmjJPizC6Za1RvIx +kzEkRVnmtlN4i62J6aSwLKMDXlyfjailFzfZaPdjlA5ijMvGZXo/zUWCaQJS8k1c +0vkj1arGHZ0J/t5so90qycD9j5Q8s8nMYZ5rbc1C7uPsx2ywqCVwd0St1STcNq4d +FTZEc5edaKFGNjC0fzp3ZGzIvEyAdJMimXFcC10JP+TBgorQmNrH7iGNfsrr8b0P +65Xr9P3sopEOSknsONoVBiH/9MoDd0CuVY9A0ZmmExB8qf2uc9ll2/SLcdX2jon9 +mX5zBI2ENcGnezHgGv4jp3PKaBokmOaOrQWND70/bgXooDmTU7+O63SemPoJhdwS +CiI4QU2Vi5aEEOz966q+hi2xTXd96G9/qoOjdlBBZThwSsF6FDGdGjdUe+qkfGQb +aybWHXbdHJamAWnqAtfwHDbSkShKwfJK+BqukkHGoe+l0zXrfUP+DZ5rcxsCAwEA +AQKCAgEAk1rNysok3VHFLacjgAWu5HPkUaW9WaU6o6ZFW7hPNS0N3C/lOXPtVcnj +0A0v9oVWjYTxLgIqd5qKVVdKOlAy9lPzEttOeJ+F7qgncmXdgXCfB/tBFScQGZQE +8QfHXDWtacuOBbqfR+6XlyHcGqsK3QNoHSkAOwsueKSSHePAH4NVsgwg2RSDuJtV +LnDt2TTLLEL4vz35rzbQsUPN2PbsFU6tyT+nsyJYTvck4OubXLieTRarcgxPdWc3 +2FdN+xq4dvoA37t6b3N0jkSRdJWFF2Ve4lbYP18u+jl3W3pllnkT2ImItQwJgeSW +suh38ybQwSzNSITqsqc10nn0RNcfJvLK5CscX3xL8RYMcMAk9uxIAa5pACKnVwVj +a92pP0838E+3AP5yaAMNZg5xeC5jlZCOS82SM7xKBQacmeLHh7DmjZPqngzSHyDu +UyIlRn4dYB7G51QuQ1ZOZui/uODpUDcmh0EvAN2P/FDfhE4yvdJ5jIznNci7qEbG +GZ7S2RcMbexl7RSo6hvhXp8D4vuAgWMPpVXaIBf/G9BX+YBwpo90ohB+LRmnOdWA +FJfm7tis4ANx6XT+aWwvFEc6YTxV2ECq9yKcm8Ws0dhifDE2eKbWD9sL41p2Ghaa +NWGUJ55wgsidl6r9roA6spROMvaM0bRZFLE5OcIhuE9D7wnHD0ECggEBAO8t7v31 +23y8BSY4WuIN5JzNkcrY+d+P/WNM4KjATUw08Yzg29u1Ebh2JJLoSAHEyV6ngNJ3 +SO9uOhrH6mfBW+CC5RT1rE5g3G9bz8ZI1scMDJcXYfIHqhOynP3RbiaXR39fja+l +u7lW76mVM3qqET5oj4LBxU7eUyXzQqV7UoQyHBKNW0TALL/bRVdTabUyGprVbo70 +Ww75j2JqD2hK/803Ebi+VkkN1NcGiLdaWm9qvgTYiRENsSb4UjZX2EalKZERXcHy +e7VCKdOVWwbWpDdTG1mg/bI+EdQvHXXuD7yDIKs3z3d2sYeqdMhQ7rJE3Ra/P/0p +Kim+GTnDlVOwfXMCggEBANI99A6zp1iu2tkTIExEYin189BxtRg5EQRVm1CJl15O +RrfReUVuhvRSagQlXz7qnNiETG73F7ouGu4QTLYP0Lmjxa6UP7Lu0mQ23al2/OXE +1agzSLGTZv50sRE8f0Oo7fi/n++QVUfQ1MRM7yMtZnrl9X85+2KKQLYI4Gwb3yUU +geJMaX8X5s6CwffRYe9BtYb3q2o1ySTbMIcdL2aQbAorBz33DNkp/SyLwEiuaogt +jb93KCtoMiOyYs6gRMI3MxLGg6dLGbSB8QwBxCCV87UoUAS7IODqAHJwnacYKhEV +0EcA0oDjT9cQomX6lQQFmxXE/2A96P5e8wVPyTi5SbkCggEALkIA/ecF6yrmCA1Q +LnYnZ9guQUATm5RamlDtBlYi3QFEUk3O18A+TCG1UyBPhOANXhwhQxNE7OGxpSpT +AHwaC+Lk8VfOWl5LY9Iq7ht6RobjDHm+PLQUxbh+umw91ILflhfh7D2uf9r7gR3V +Ff08VoiccNqPEYDYLffNRPoD7INQgJoMM9DDFtwOniQIxr2I/bcXqdhCoDPN8me2 +0SHoNUVYTRWq1HgzWN7vpB56bSAE3iUO5VhzkajnJZF5x7f7wQ3Nx0vhdx3zvvMc +5sauffC50mzbhBSTGCmAliVTr87gi5zAqEcxcJ6b9X4JnDrLU7Hra0gB2o7kjBJy +l/wDVwKCAQEAjcICNouCEbTMkUNpKqONQNe6zthsj+mihLaoI7SyYH8NBdJzH5K3 +4jNTknoUb5rHqOIDm2p2EC4YMF7DKpsdVJ6NovoIvUB0kefArAwz10VR/ridkkZe +UsIhxgpxkRBtbKTgVSqPpf20CKwLLj/lcoZtcpyI2Nd5bIQtthdQ7XKXZRu6olxe +Xu4hlVQT4bv/hwKmDNY5SuWUIfZWyKQmhPCgUHKsshyyvX95ZkhcQnfctLXGWwZF +kHYuUz4TPpTzlfxONtXXfjODcWIbeRFCouqMkbQPJjgBlyhB1LHhY2W+6rEuPoOG +iO+JYJOGOJEDEbmjq6Py3tjsqa8zcVDV2QKCAQB2O6qmJCgn6os9ladkcnpTO5oD +I+poz8PdwPcoB+KxW/Jj759mmBCeFh0HtZlct9JMexWD8cB2+x0412y9cZC2XduK +tX0tci1WhZTR9XEo2BjzNJBRvRxSDOz1Fk0y2D9fhsVrPkS6qZ5/+kt/O6cgyFxb +4m0+2V4qnJcF075PF4G/Raq8sKKuPOg8EHTnVRZgyL7vmrprRlPqpq8CYJUwPX53 +ddK3exo96qLvYCf7qKtQvDedLbllrqgOE2xrhuPPAmaXjto2dHb/7NCVBoccL5mN +SPFLi0V6EvPUlYZZ/e0XQafMT20/moMWnuIH1igkXPkw/hwpBLGVVEsLv5hl +-----END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/ssh/monitor_ssh.pub b/tests/puppet/provider/files/ssh/monitor_ssh.pub new file mode 100644 index 00000000..8be32927 --- /dev/null +++ b/tests/puppet/provider/files/ssh/monitor_ssh.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEbZADylg5xTxWIF+DlAVNLuNugSvsb1QWlSKwfIbJjmsln/03ThQrsZG0JhL5F3/2epaahXhK11Uf2tcUsfE+9UffP+McYOKvZ9GmTLBpYZUyJT8XRBK/rthuig050xpNpxqlYTCbCM7QCkOseWp0FnAZv+CHXBbuVSkGDMc35nM1TxmVWHuJxiCq/XXg0CN/MD5UY7BWkJbWrelHxzTyVImB+cxRnaASaMk+LMLplrVG8jGTMSRFWea2U3iLrYnppLAsowNeXJ+NqKUXN9lo92OUDmKMy8Zlej/NRYJpAlLyTVzS+SPVqsYdnQn+3myj3SrJwP2PlDyzycxhnmttzULu4+zHbLCoJXB3RK3VJNw2rh0VNkRzl51ooUY2MLR/OndkbMi8TIB0kyKZcVwLXQk/5MGCitCY2sfuIY1+yuvxvQ/rlev0/eyikQ5KSew42hUGIf/0ygN3QK5Vj0DRmaYTEHyp/a5z2WXb9Itx1faOif2ZfnMEjYQ1wad7MeAa/iOnc8poGiSY5o6tBY0PvT9uBeigOZNTv47rdJ6Y+gmF3BIKIjhBTZWLloQQ7P3rqr6GLbFNd33ob3+qg6N2UEFlOHBKwXoUMZ0aN1R76qR8ZBtrJtYddt0clqYBaeoC1/AcNtKRKErB8kr4Gq6SQcah76XTNet9Q/4NnmtzGw== monitor diff --git a/tests/puppet/provider/nodes/single.json b/tests/puppet/provider/nodes/single.json new file mode 100644 index 00000000..fd9e4065 --- /dev/null +++ b/tests/puppet/provider/nodes/single.json @@ -0,0 +1,12 @@ +{ + "ip_address": "1.1.1.1", + "services": [ + "couchdb", + "soledad", + "webapp", + "mx", + //"static" + "monitor" + ], + "tags": ["single"] +} diff --git a/tests/puppet/provider/provider.json b/tests/puppet/provider/provider.json new file mode 100644 index 00000000..218ff529 --- /dev/null +++ b/tests/puppet/provider/provider.json @@ -0,0 +1,18 @@ +// +// General service provider configuration. +// +{ + "domain": "example.org", + "name": { + "en": "Example" + }, + "description": { + "en": "You really should change this text" + }, + "contacts": { + "default": "root@example.org" + }, + "languages": ["en"], + "default_language": "en", + "enrollment_policy": "open" +} diff --git a/tests/puppet/provider/secrets.json b/tests/puppet/provider/secrets.json new file mode 100644 index 00000000..b5ac725d --- /dev/null +++ b/tests/puppet/provider/secrets.json @@ -0,0 +1,20 @@ +{ + "single": { + "api_monitor_auth_token": "FUwtxrjhnpr2VDrCbdnbHguBAyPgrAt2", + "couch_admin_password": "cAUss5uM2nhnNsJPtn9rIEpv3BZBSNJd", + "couch_admin_password_salt": "7331473921a67d7cd2c9f66991672c5c", + "couch_leap_mx_password": "hBg7mw4sbZYWWyWwvzv37whcFeQBmVTK", + "couch_leap_mx_password_salt": "f9da31c9d4877adc426a1a8333ea6709", + "couch_nickserver_password": "e5VbYLky3NuccxTugAKSBmPCWgeetfne", + "couch_nickserver_password_salt": "fe9b943d7a70db61663f7549a06b209c", + "couch_replication_password": "nQWJtPJr8fZfcwMScdtxVALZPqEgfu8Y", + "couch_replication_password_salt": "7b6e739cfdf8dff346ad4ef1d15d00f0", + "couch_soledad_password": "UZDxFE2PMBqSVT3UkjwcDnbRLRBNYUq3", + "couch_soledad_password_salt": "a2a3b37661a1bd54198d3f8418010719", + "couch_webapp_password": "FKAgaDnmC8usduJcTMs79HdLsPnhkJL5", + "couch_webapp_password_salt": "e8a8e58d42aec9cc04e943e1e972cccf", + "nagios_admin_password": "dDrLfp2FqFE2Y9fz7PMdveAUHwf3DLuC", + "nagios_test_password": "574EHS3bTWF5p7WnKJSZf78ZUEuU37E3", + "webapp_secret_token": "tKHqE8FwL3XRTYE34bY5yQYaJXN3pTnq" + } +} diff --git a/tests/puppet/provider/tags/single.json b/tests/puppet/provider/tags/single.json new file mode 100644 index 00000000..d856c6ee --- /dev/null +++ b/tests/puppet/provider/tags/single.json @@ -0,0 +1,4 @@ +{ + "environment": "single" + +} diff --git a/tests/puppet/provider/users/catalog_testuser/catalog_testuser_ssh.pub b/tests/puppet/provider/users/catalog_testuser/catalog_testuser_ssh.pub new file mode 100644 index 00000000..e6b43568 --- /dev/null +++ b/tests/puppet/provider/users/catalog_testuser/catalog_testuser_ssh.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDew0EcUpfLjAAZbg6tkl5yRK/wya3TZugS0fbtC0ksG+A114XHJvSZH24nDAUFvV13SoGs5HunvXwnbt2S45Di8GPQXos8tLFP+Eh4ypnQJJaunYidEuYK2CG38zOGakX1y/ppKMrGAO6GiUi9ebR5DcJrXupyJBUsmKNsiV1sfekUvcFGBT5otZJwgNriIa3FjEDso6e5is7SfaBHTKAAXYKdnV1J89Y8lwuElrdBaW3N5q/IrNVt0d3LwOKCgupMz+pRGNAeOAXkAMwXjrr3RIqrnKpxAb32CFBh5MmSDMWxU3UInH+iyMUklMrJfUWfvEUF87dkJi6wWcck/VyB varac@rocinante -- cgit v1.2.3 From 5a36ab3d0d8793326a9f2691f5e4bd5074778393 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 16 Jun 2016 12:37:47 +0200 Subject: fix tests/puppet/hiera.yaml for catalog test --- tests/puppet/hiera.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/puppet/hiera.yaml b/tests/puppet/hiera.yaml index 054cb782..45a2549b 100644 --- a/tests/puppet/hiera.yaml +++ b/tests/puppet/hiera.yaml @@ -6,10 +6,10 @@ :logger: console :yaml: - :datadir: /home/varac/leap/git/leap_platform/tests/puppet/provider/hiera + :datadir: tests/puppet/provider/hiera :hierarchy: - - hiera + - single :puppet: :datasource: data -- cgit v1.2.3 From 6915426dda2a7ca054875f76f74376b481baae08 Mon Sep 17 00:00:00 2001 From: elijah Date: Fri, 17 Jun 2016 16:05:52 -0700 Subject: tests - default to admin access when testing existence of a db --- tests/helpers/couchdb_helper.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'tests') diff --git a/tests/helpers/couchdb_helper.rb b/tests/helpers/couchdb_helper.rb index b9085c1e..efb2c2bf 100644 --- a/tests/helpers/couchdb_helper.rb +++ b/tests/helpers/couchdb_helper.rb @@ -124,6 +124,7 @@ class LeapTest # returns true if the per-user db created by soledad-server exists. # def user_db_exists?(user_id, options=nil) + options = {:username => 'admin'}.merge(options || {}) db_name = "user-#{user_id}" url = couchdb_url("/#{db_name}", options) get(url) do |body, response, error| -- cgit v1.2.3 From 7818abd6a89a882cabb3d2a14a572308d9e959ff Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 21 Jun 2016 17:38:00 -0700 Subject: minor ruby linting --- tests/white-box/network.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/white-box/network.rb b/tests/white-box/network.rb index 436fc8a8..a08cdfbe 100644 --- a/tests/white-box/network.rb +++ b/tests/white-box/network.rb @@ -65,7 +65,7 @@ class Network < LeapTest end def test_03_Is_shorewall_running? - ignore unless File.exists?('/sbin/shorewall') + ignore unless File.exist?('/sbin/shorewall') assert_run('/sbin/shorewall status') pass end @@ -75,7 +75,7 @@ class Network < LeapTest def test_04_Are_server_certificates_valid? cert_paths = ["/etc/x509/certs/leap_commercial.crt", "/etc/x509/certs/leap.crt"] cert_paths.each do |cert_path| - if File.exists?(cert_path) + if File.exist?(cert_path) cert = OpenSSL::X509::Certificate.new(File.read(cert_path)) if Time.now > cert.not_after fail "The certificate #{cert_path} expired on #{cert.not_after}" -- cgit v1.2.3 From d0ff379fe2a43d7968b8828c8b31af5254f6f85b Mon Sep 17 00:00:00 2001 From: Micah Date: Tue, 28 Jun 2016 13:16:47 -0400 Subject: Remove bigcouch (#8056) Change-Id: I0c6e27298c63bd37de1410985d054799818c22a4 --- tests/white-box/couchdb.rb | 17 ----------------- 1 file changed, 17 deletions(-) (limited to 'tests') diff --git a/tests/white-box/couchdb.rb b/tests/white-box/couchdb.rb index 85dc6840..44a2769b 100644 --- a/tests/white-box/couchdb.rb +++ b/tests/white-box/couchdb.rb @@ -26,23 +26,6 @@ class CouchDB < LeapTest pass end - # - # compare the configured nodes to the nodes that are actually listed in bigcouch - # - def test_02_Is_cluster_membership_ok? - return unless multimaster? - url = couchdb_backend_url("/nodes/_all_docs") - neighbors = assert_property('couch.bigcouch.neighbors') - neighbors << assert_property('domain.full') - neighbors.sort! - assert_get(url) do |body| - response = JSON.parse(body) - nodes_in_db = response['rows'].collect{|row| row['id'].sub(/^bigcouch@/, '')}.sort - assert_equal neighbors, nodes_in_db, "The couchdb replication node list is wrong (/nodes/_all_docs)" - end - pass - end - # # all configured nodes are in 'cluster_nodes' # all nodes online and communicating are in 'all_nodes' -- cgit v1.2.3 From 72cf643ad03bf247784b686c1fabb1ba73ddc572 Mon Sep 17 00:00:00 2001 From: varac Date: Sat, 2 Jul 2016 21:20:31 +0200 Subject: use single node with vagrant --- tests/puppet/provider/nodes/single.json | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) (limited to 'tests') diff --git a/tests/puppet/provider/nodes/single.json b/tests/puppet/provider/nodes/single.json index fd9e4065..ca358cc5 100644 --- a/tests/puppet/provider/nodes/single.json +++ b/tests/puppet/provider/nodes/single.json @@ -1,12 +1,9 @@ { - "ip_address": "1.1.1.1", + "ip_address": "10.5.5.101", "services": [ "couchdb", - "soledad", - "webapp", "mx", - //"static" - "monitor" - ], - "tags": ["single"] + "soledad", + "webapp" + ] } -- cgit v1.2.3 From 4ca478b5edd0fd82ea445936508db6ec33fe082d Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 5 Jul 2016 02:31:04 -0700 Subject: prevent users from configuring a node and an environment with the same name --- tests/puppet/provider/tags/single.json | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 tests/puppet/provider/tags/single.json (limited to 'tests') diff --git a/tests/puppet/provider/tags/single.json b/tests/puppet/provider/tags/single.json deleted file mode 100644 index d856c6ee..00000000 --- a/tests/puppet/provider/tags/single.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "environment": "single" - -} -- cgit v1.2.3 From b72030ef29340539b6e7870f189b6135937a6945 Mon Sep 17 00:00:00 2001 From: varac Date: Sat, 2 Jul 2016 21:17:40 +0200 Subject: remove private stuff from test provider dir --- .../puppet/provider/files/nodes/single/single.crt | 34 --------------- .../puppet/provider/files/nodes/single/single.key | 51 ---------------------- tests/puppet/provider/files/ssh/authorized_keys | 2 - tests/puppet/provider/secrets.json | 20 --------- .../catalog_testuser/catalog_testuser_ssh.pub | 1 - 5 files changed, 108 deletions(-) delete mode 100644 tests/puppet/provider/files/nodes/single/single.crt delete mode 100644 tests/puppet/provider/files/nodes/single/single.key delete mode 100644 tests/puppet/provider/files/ssh/authorized_keys delete mode 100644 tests/puppet/provider/secrets.json delete mode 100644 tests/puppet/provider/users/catalog_testuser/catalog_testuser_ssh.pub (limited to 'tests') diff --git a/tests/puppet/provider/files/nodes/single/single.crt b/tests/puppet/provider/files/nodes/single/single.crt deleted file mode 100644 index d51bbcc2..00000000 --- a/tests/puppet/provider/files/nodes/single/single.crt +++ /dev/null @@ -1,34 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIF1zCCA7+gAwIBAgIRAOa9uhf564pgUrrohRezgqswDQYJKoZIhvcNAQELBQAw -SjEQMA4GA1UECgwHRXhhbXBsZTEcMBoGA1UECwwTaHR0cHM6Ly9leGFtcGxlLm9y -ZzEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTE2MDYxMTAwMDAwMFoXDTE3 -MDYxMTAwMDAwMFowHTEbMBkGA1UEAwwSc2luZ2xlLmV4YW1wbGUub3JnMIICIjAN -BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3fVrTjpcmFuQG4bdI/cdptdpXoDu -a1X03i1WfLTPm7mdeqrMvFR8/6ReLobpb+GYkrhqIv0X8M1PIXUgbblZK3Uo/jhy -GINaNUUKkH/AaAi0g70BLYwDk6kXJ+mSuoEWQBKN6OdfHCsynFOg8B9B+ug4WEyR -JSWNrK6jF2N551/r0DHOLJgqDEr/rIdXgKbsmeLa7k8jHslirkwNERtr1qLMMNI5 -OFb1Qb/rIqL6q1oypVbPIVTv7Dw7wcSyW9P32WeyyML+eDlJQloFY4Fg96gGX42q -voiJ93C4tDBs/RbR3jrBEBP/Y52BOGB1cQaBQSfTRfCoJoEUpjeczevq2+YLwawI -ADchQjKcPXfJ86Gt9uHbdQrPM0JhNBkPtzCWRkLpS0l4dh/H8p+6jjHmiVe7ulXT -+rSOlucViB5r666a+YEY+v7IGMV9+f/LUXJsxKrl4N92r7GbGzcnX9cNKLGgxN+Z -ye/MTdzuFBQ83xQ6d1ITk/N4ohkghTb+64DYHjYsisP4/513cFFLnWx74rm9eDcq -UvljkF9POvnqJkCICLZLne0daaWxiSEw1HewfMZxh17esMp1eMXJGDoGSYAwDrsH -3rETBzHhqPrPuqtEmyzNS85o6Vf1XOi1kb+UuKE7dik5h7jcEqpC5LOu5EqJnf2N -MhJriuP8Mn0rKh0CAwEAAaOB5DCB4TAdBgNVHQ4EFgQUAl+3oyuiC9uG1iqlefB5 -7/w8uaswaAYDVR0RBGEwX4IPYXBpLmV4YW1wbGUub3JnggtleGFtcGxlLm9yZ4IT -bmlja255bS5leGFtcGxlLm9yZ4IQc2luZ2xlLmV4YW1wbGUuaYISc2luZ2xlLmV4 -YW1wbGUub3JnhwQBAQEBMAsGA1UdDwQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD -AQYIKwYBBQUHAwIwCQYDVR0TBAIwADAfBgNVHSMEGDAWgBSWELbB+tUXMau27NwD -SaQ77Kf1uDANBgkqhkiG9w0BAQsFAAOCAgEAOpy7sY9hKuHmvzyRSLdYipQiAI9a -I/jpBQQ6/lILOQVdhxKp9fnoTHowub6DRLJx3xFp3PywCXanTucPUylhKHi7w3Us -df0A8riUR7haXVJrHL2mCLlb4CyqdMyJ7eWRIv8DaUhdgPdX1d2LqDYWmbeDQeiV -HJJ89dFGXmiaH/9TZgPx8hOnZuF2dTy+eoVDYw2McCYJw5xIHzFlhK74jbjM1oQJ -xKItzb28/xOre4hsgi5S2hwIwXUfXkkbwI/KZaE9pC7DXa4KSmmZ48W5hJZS3pIU -A7sTvkGB3xidsQGKn4+q33GvexWZ7YeXMmdeaz3uWgDyBgTKTI0dZb9VrmkjwtZ+ -AxgBCm+vYG+XZ30vKDPYfgadhE4z9CA3RL9Sd2SYVEy1jhZ0TE3V+xT9pPvaKraz -l8fFZ7DvBvufbGjZFRgES56G6qgGs/CwdOkjfvpF9J/WsCTMceACyLKl9GfOZQHF -2TBbJAv9WGJsTFdPY4Qq1tq2LosyPWKEj4+v3lxkdgkDN3QvivTme4gm2Ps0EkjG -6u+0PtkFVHZ47Lz8mNx0Lmj6N6Rai6btTOSXm2rJlVDdRqih59oWuPJruqoU9S/z -Rul0Er74Sbf3iiEsmFlQpm6RqxcGwjhE6iv1pPa3ksFWz/sUQ50iW1jXaA+N4DC0 -TCnSHgbeJfatvMA= ------END CERTIFICATE----- diff --git a/tests/puppet/provider/files/nodes/single/single.key b/tests/puppet/provider/files/nodes/single/single.key deleted file mode 100644 index c248e4cd..00000000 --- a/tests/puppet/provider/files/nodes/single/single.key +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJJwIBAAKCAgEA3fVrTjpcmFuQG4bdI/cdptdpXoDua1X03i1WfLTPm7mdeqrM -vFR8/6ReLobpb+GYkrhqIv0X8M1PIXUgbblZK3Uo/jhyGINaNUUKkH/AaAi0g70B -LYwDk6kXJ+mSuoEWQBKN6OdfHCsynFOg8B9B+ug4WEyRJSWNrK6jF2N551/r0DHO -LJgqDEr/rIdXgKbsmeLa7k8jHslirkwNERtr1qLMMNI5OFb1Qb/rIqL6q1oypVbP -IVTv7Dw7wcSyW9P32WeyyML+eDlJQloFY4Fg96gGX42qvoiJ93C4tDBs/RbR3jrB -EBP/Y52BOGB1cQaBQSfTRfCoJoEUpjeczevq2+YLwawIADchQjKcPXfJ86Gt9uHb -dQrPM0JhNBkPtzCWRkLpS0l4dh/H8p+6jjHmiVe7ulXT+rSOlucViB5r666a+YEY -+v7IGMV9+f/LUXJsxKrl4N92r7GbGzcnX9cNKLGgxN+Zye/MTdzuFBQ83xQ6d1IT -k/N4ohkghTb+64DYHjYsisP4/513cFFLnWx74rm9eDcqUvljkF9POvnqJkCICLZL -ne0daaWxiSEw1HewfMZxh17esMp1eMXJGDoGSYAwDrsH3rETBzHhqPrPuqtEmyzN -S85o6Vf1XOi1kb+UuKE7dik5h7jcEqpC5LOu5EqJnf2NMhJriuP8Mn0rKh0CAwEA -AQKCAgBT7k/LXwpQmp8dqZvJ09IkmuQ/ViXR9MkJkr9XnM+8pS3FivysYo555N+w -XFe9dONK5+1KmcYJyrkXf8DpfOMZKc58gz+xwUnFRvw9s/E/5brM7hWZ8Y4QsioN -b6eKWvHc/Kco4QT4E+Wpc34yDr/WbyWPTjS8hTzThZ4qY/Ve5si3C35ZIpkT2PBh -fzQ5c+WYM05yOv6ez6w/GIcAZwwaN6la9MOqaEeJu1bg3BxJ22u3VeIxSnsHK6e1 -F/oR+0+HqEzU2dd8Ar2PF5deDzhpreHrFBjyv5LcPIW7rWwpMA3gKPuEZut18cNB -XEhMmxcZWkPr+Jq9JKZ4TCNBQuql1EWsKuzhYak/83oZjw+6imsDzHSRkNWOo2Ux -CuY8QKD5zCtaOTzPx/K5b3sIiI1VMXsh5tg0YqrIyJF0WrGNLgwXOmG19V/DEZ81 -uCiTB0QEyJmk2xyEONEnUDT4f+WHCjSh6c9pJ9SnY3qKXUftTi8kywGwbZ2UNXiQ -n53uU5JH2Fi3uFkbY8JPhaE0pSx0HG5k5flWTKeqPtt8Pto/1Hh3p0+oFBpHJ361 -HXhCkPxYLt+tUbtahnxavWlzLW9p1pIcSB7HW+me5LiCIq4UFNfG+spftDA7MymA -r09kgYHOShTplNfaYCcgILBASdF6NTI8CRl2Z4M2ZUOWrp14iQKCAQEA8d2MhWO6 -ovKGkksl7uGHpbXcgpnPZxlLLazdG43t8Lx7T/fxZJcB4xGjY4u1YABIP0rMahcK -yPsZkaNhXi4KzUXHDxh1QRWMwIpvsu/QSYpz/ksPgoAiQTE+nwPsaHVL4WLPdXFn -7UGQL33/bdc2md7YHRnmFMK2PdS+XlOscjjNywoKejXhJKGlmSlD8+Itp8bb6TmN -YFQuclX+coKJTfXrVhrFi0lhvuWjYq/30eZoFZnnIOxyinboG+2ESLiceqMbEBcB -+63EMMN70qPMSrni7xJeCPCOFZAobJHkAIxTU2JyomFmIZEQyCMK80MZDZge+jeC -x0fmOI+sCaQO1wKCAQEA6u4NpH4WsgJhKycJrjTzfiH6miznbXdPzkFMrg4ziXiK -f4X0oe5bKyVSqZ1wzOFhkJjkernTUUtuwR/KW3EYpWe8mEvYiSQR500WkYynMlsy -e70zspseFnc08ZgR+BYWIKJTEAZDURgF7Lh5uKhdG8quSYw/h//4GOWHVc1A5qjI -UtUmGHVgqIBOvQChGI+HfBbeNOCXlnpZ/J24oYjjuMf+wnpxahawLk1+B0EVaKrP -V7yJ2ju/1QcVx4DKhIA9IF41sfmbVSvMKeL0nlMoLLpH/Rdbc0jiwUMYwCbcvSD7 -wKTPHUwgGngwL0P5oSooBA+1kA5kRDONcVPmGw80KwKCAQBuANS7iktFd0arXNBo -4FxgiuE66RfCjWd646dAtAGnPyJakatRk7jA/LGyQcWBXz98wdlM2yQFmubbLVLI -kepJyFWr0PTrYBC/NXduC9JQ0E7HNn5cXUi3G92eVxt7uvWDEfzHLogVCX+5ifXV -kE9+FjN2sOPLR2+5mXvnzOienqVCllODl+PJVFfL3E/SqWkYaMJ2Rb2+NStWxzPO -Av7N3W5moBB+tCZnu2vfI6dz6PYn9PKBL+k8fq48nX9Pz98ji/FwFPbK8BJOF2rG -t8bfqcHD+Deam0YUGpe4IXZwpWH0h88ZeXEJDUBztjRxxW+sliZoqTyqxFG6IeYe -EGbLAoIBABq5T6X5jd1b9e+xtiEx9szPUrF9ECpcmyBsPyvBg81Mf/y3oTdWZNqI -mVmgBjfYH4ASVFM9ljM2MHgZhKxYNiSCo2pznkMjbkHwe/O8mzxYMWrv/9R+XrLR -hp1A3jJpWMUHkglNnRS5ddsStQ3zYPwLVz4YjRWMYY17dqSk/4/9fSQnCPlZSNCC -H/LSAoFHunK8KzS6o6PDcT8SNfFyH+1iGrHGueYGhK4PtJlgpu3MGF/zm37Osyip -cKnMFb1y1QE8lkETkr7ih4vwPEFSVkyYOB4rLQT1Mo4ncsZQ5WVCPkEQvlqn0TMR -nvGRevEBWaH0o4Oqj29OqfVNROypExcCggEAdbEvcV6S28a73X9H+kbWAm5TJ8yH -f80/OXaRS3bbfuVF2nGyHYuD7MU/gHdV15mzH+J0W5olatKwRfnGFy54JTl2mp7z -8zvnNBy7L+0ZsTfAvZVskRCSJ4ACPFkFVidJei1fw90y5+nUpR+6motEywa4vqfO -QsoqaKaErGTagNWKygH61A9lO6d0hrRFXeMXJMn4ZhIjoUWRYHJw4nK4nHJjq4t+ -TfnxED+lvaC16nmQJayvQwg8kUz46YFbGc4ieQSlste87vcsSfbTPBnPpNmxpK0v -iPt2DD9o1djihRin/WnslcYNM7F9zABzJTr7tPfu0NSwnOQqYD0JMl4btQ== ------END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/ssh/authorized_keys b/tests/puppet/provider/files/ssh/authorized_keys deleted file mode 100644 index 534789db..00000000 --- a/tests/puppet/provider/files/ssh/authorized_keys +++ /dev/null @@ -1,2 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEbZADylg5xTxWIF+DlAVNLuNugSvsb1QWlSKwfIbJjmsln/03ThQrsZG0JhL5F3/2epaahXhK11Uf2tcUsfE+9UffP+McYOKvZ9GmTLBpYZUyJT8XRBK/rthuig050xpNpxqlYTCbCM7QCkOseWp0FnAZv+CHXBbuVSkGDMc35nM1TxmVWHuJxiCq/XXg0CN/MD5UY7BWkJbWrelHxzTyVImB+cxRnaASaMk+LMLplrVG8jGTMSRFWea2U3iLrYnppLAsowNeXJ+NqKUXN9lo92OUDmKMy8Zlej/NRYJpAlLyTVzS+SPVqsYdnQn+3myj3SrJwP2PlDyzycxhnmttzULu4+zHbLCoJXB3RK3VJNw2rh0VNkRzl51ooUY2MLR/OndkbMi8TIB0kyKZcVwLXQk/5MGCitCY2sfuIY1+yuvxvQ/rlev0/eyikQ5KSew42hUGIf/0ygN3QK5Vj0DRmaYTEHyp/a5z2WXb9Itx1faOif2ZfnMEjYQ1wad7MeAa/iOnc8poGiSY5o6tBY0PvT9uBeigOZNTv47rdJ6Y+gmF3BIKIjhBTZWLloQQ7P3rqr6GLbFNd33ob3+qg6N2UEFlOHBKwXoUMZ0aN1R76qR8ZBtrJtYddt0clqYBaeoC1/AcNtKRKErB8kr4Gq6SQcah76XTNet9Q/4NnmtzGw== files/ssh/monitor_ssh.pub -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDew0EcUpfLjAAZbg6tkl5yRK/wya3TZugS0fbtC0ksG+A114XHJvSZH24nDAUFvV13SoGs5HunvXwnbt2S45Di8GPQXos8tLFP+Eh4ypnQJJaunYidEuYK2CG38zOGakX1y/ppKMrGAO6GiUi9ebR5DcJrXupyJBUsmKNsiV1sfekUvcFGBT5otZJwgNriIa3FjEDso6e5is7SfaBHTKAAXYKdnV1J89Y8lwuElrdBaW3N5q/IrNVt0d3LwOKCgupMz+pRGNAeOAXkAMwXjrr3RIqrnKpxAb32CFBh5MmSDMWxU3UInH+iyMUklMrJfUWfvEUF87dkJi6wWcck/VyB users/catalog_testuser/catalog_testuser_ssh.pub diff --git a/tests/puppet/provider/secrets.json b/tests/puppet/provider/secrets.json deleted file mode 100644 index b5ac725d..00000000 --- a/tests/puppet/provider/secrets.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "single": { - "api_monitor_auth_token": "FUwtxrjhnpr2VDrCbdnbHguBAyPgrAt2", - "couch_admin_password": "cAUss5uM2nhnNsJPtn9rIEpv3BZBSNJd", - "couch_admin_password_salt": "7331473921a67d7cd2c9f66991672c5c", - "couch_leap_mx_password": "hBg7mw4sbZYWWyWwvzv37whcFeQBmVTK", - "couch_leap_mx_password_salt": "f9da31c9d4877adc426a1a8333ea6709", - "couch_nickserver_password": "e5VbYLky3NuccxTugAKSBmPCWgeetfne", - "couch_nickserver_password_salt": "fe9b943d7a70db61663f7549a06b209c", - "couch_replication_password": "nQWJtPJr8fZfcwMScdtxVALZPqEgfu8Y", - "couch_replication_password_salt": "7b6e739cfdf8dff346ad4ef1d15d00f0", - "couch_soledad_password": "UZDxFE2PMBqSVT3UkjwcDnbRLRBNYUq3", - "couch_soledad_password_salt": "a2a3b37661a1bd54198d3f8418010719", - "couch_webapp_password": "FKAgaDnmC8usduJcTMs79HdLsPnhkJL5", - "couch_webapp_password_salt": "e8a8e58d42aec9cc04e943e1e972cccf", - "nagios_admin_password": "dDrLfp2FqFE2Y9fz7PMdveAUHwf3DLuC", - "nagios_test_password": "574EHS3bTWF5p7WnKJSZf78ZUEuU37E3", - "webapp_secret_token": "tKHqE8FwL3XRTYE34bY5yQYaJXN3pTnq" - } -} diff --git a/tests/puppet/provider/users/catalog_testuser/catalog_testuser_ssh.pub b/tests/puppet/provider/users/catalog_testuser/catalog_testuser_ssh.pub deleted file mode 100644 index e6b43568..00000000 --- a/tests/puppet/provider/users/catalog_testuser/catalog_testuser_ssh.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDew0EcUpfLjAAZbg6tkl5yRK/wya3TZugS0fbtC0ksG+A114XHJvSZH24nDAUFvV13SoGs5HunvXwnbt2S45Di8GPQXos8tLFP+Eh4ypnQJJaunYidEuYK2CG38zOGakX1y/ppKMrGAO6GiUi9ebR5DcJrXupyJBUsmKNsiV1sfekUvcFGBT5otZJwgNriIa3FjEDso6e5is7SfaBHTKAAXYKdnV1J89Y8lwuElrdBaW3N5q/IrNVt0d3LwOKCgupMz+pRGNAeOAXkAMwXjrr3RIqrnKpxAb32CFBh5MmSDMWxU3UInH+iyMUklMrJfUWfvEUF87dkJi6wWcck/VyB varac@rocinante -- cgit v1.2.3 From f0dda1dd4ec063233b0d266b092d809c6243c354 Mon Sep 17 00:00:00 2001 From: varac Date: Sat, 2 Jul 2016 21:22:51 +0200 Subject: Update .gitlab-ci.yml and build config for local builds --- tests/puppet/provider/.platform-test.conf | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 tests/puppet/provider/.platform-test.conf (limited to 'tests') diff --git a/tests/puppet/provider/.platform-test.conf b/tests/puppet/provider/.platform-test.conf new file mode 100644 index 00000000..03ec4c52 --- /dev/null +++ b/tests/puppet/provider/.platform-test.conf @@ -0,0 +1,27 @@ +# i.e. /home/varac/leap/git/leap_platform +export ROOTDIR=$CI_BUILD_REPO + +export PROVIDERDIR="${ROOTDIR}/tests/puppet/provider" +export PLATFORMDIR="$ROOTDIR" +export LOGDIR="$ROOTDIR/builds/log" + +export CONTACTS="sysdev@leap.se" +export MAIL_TO=$CONTACTS + +export OPTS='--yes' + +export FILTER_COMMON="" + +#PROVIDER='rewire' +#DOMAIN='rewire.org' + +#LEAP_SRC='/usr/local/src/leap_cli_develop/' +export LEAP_CMD="leap" +#IP_SUFFIX_START='30' + +# Nodes to bootstrap +# NODES='rewdevcouch1:couchdb,soledad rewdevmx1:mx rewdevvpn1:openvpn,tor rewdevweb1:webapp,monitor rewdevplain1: rewdevstatic1:static' + +# tag/environment to deploy to +export TAG='local' + -- cgit v1.2.3 From dd68ec1b0b9f8c44187de29429e28dd0a2f7b2e7 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 5 Jul 2016 15:27:30 +0200 Subject: add gitlab-runners pubkey --- tests/puppet/provider/users/gitlab-runner/gitlab-runner_ssh.pub | 1 + 1 file changed, 1 insertion(+) create mode 100644 tests/puppet/provider/users/gitlab-runner/gitlab-runner_ssh.pub (limited to 'tests') diff --git a/tests/puppet/provider/users/gitlab-runner/gitlab-runner_ssh.pub b/tests/puppet/provider/users/gitlab-runner/gitlab-runner_ssh.pub new file mode 100644 index 00000000..1a3c370d --- /dev/null +++ b/tests/puppet/provider/users/gitlab-runner/gitlab-runner_ssh.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDkRxRRgaSmpzm1tOJMmvOrge/V7fQ9O0q/A+Ez0OlC0LC25ar0gPtm2aKjk3sIThA/C4jA9pGKn4Bi2TEh70NEUoTsrpRfFa8t3VRi3AdvMQ1gHdz53rZ+ZEk92Jf9DyP7pvJa0rKAL02bMAIugDqXXIW4KfrBZYZ30xCUywgl/0pqaQKidi2sFiFMeC36mW/YiomgXq6zmdZAI7h3/Vn4QWFVl/JJr+5MSVfYdG8wWgdnddAUC6gvsYsFP48e+gBeK0ueqHVMrEj2MB7WQ9h9zqPwzdcB6LcdbMgiFxxgpSdyy1DP4AW6PYkTOHPo4GjdU8/THXB9Ad/kr8vk7fOf gitlab-runner@greyhound -- cgit v1.2.3 From 4f8a0036ef6b6617ec913ef627823d1182ccde87 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 5 Jul 2016 15:44:48 +0200 Subject: Polish platform buils config file --- tests/puppet/provider/.platform-test.conf | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'tests') diff --git a/tests/puppet/provider/.platform-test.conf b/tests/puppet/provider/.platform-test.conf index 03ec4c52..a40b6b32 100644 --- a/tests/puppet/provider/.platform-test.conf +++ b/tests/puppet/provider/.platform-test.conf @@ -1,5 +1,4 @@ -# i.e. /home/varac/leap/git/leap_platform -export ROOTDIR=$CI_BUILD_REPO +export ROOTDIR=$(pwd) export PROVIDERDIR="${ROOTDIR}/tests/puppet/provider" export PLATFORMDIR="$ROOTDIR" @@ -12,12 +11,7 @@ export OPTS='--yes' export FILTER_COMMON="" -#PROVIDER='rewire' -#DOMAIN='rewire.org' - -#LEAP_SRC='/usr/local/src/leap_cli_develop/' export LEAP_CMD="leap" -#IP_SUFFIX_START='30' # Nodes to bootstrap # NODES='rewdevcouch1:couchdb,soledad rewdevmx1:mx rewdevvpn1:openvpn,tor rewdevweb1:webapp,monitor rewdevplain1: rewdevstatic1:static' -- cgit v1.2.3 From 1fd39d9d39b55102739c696fb14a76b47edcf1f7 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 13 Jul 2016 15:32:01 +0200 Subject: Use bundled version of leap_cli for tests --- tests/puppet/provider/.platform-test.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/puppet/provider/.platform-test.conf b/tests/puppet/provider/.platform-test.conf index a40b6b32..6d4ecae3 100644 --- a/tests/puppet/provider/.platform-test.conf +++ b/tests/puppet/provider/.platform-test.conf @@ -11,7 +11,7 @@ export OPTS='--yes' export FILTER_COMMON="" -export LEAP_CMD="leap" +export LEAP_CMD="bundle exec leap" # Nodes to bootstrap # NODES='rewdevcouch1:couchdb,soledad rewdevmx1:mx rewdevvpn1:openvpn,tor rewdevweb1:webapp,monitor rewdevplain1: rewdevstatic1:static' -- cgit v1.2.3 From f31d974b33bf8ac760ae1ba56c583081f51f7bce Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 15 Jul 2016 17:43:53 +0200 Subject: Use bin/ci-build.sh as build script - Use dynamic build vm names --- tests/puppet/provider/.platform-test.conf | 8 -------- 1 file changed, 8 deletions(-) (limited to 'tests') diff --git a/tests/puppet/provider/.platform-test.conf b/tests/puppet/provider/.platform-test.conf index 6d4ecae3..621fb7b7 100644 --- a/tests/puppet/provider/.platform-test.conf +++ b/tests/puppet/provider/.platform-test.conf @@ -8,14 +8,6 @@ export CONTACTS="sysdev@leap.se" export MAIL_TO=$CONTACTS export OPTS='--yes' - export FILTER_COMMON="" export LEAP_CMD="bundle exec leap" - -# Nodes to bootstrap -# NODES='rewdevcouch1:couchdb,soledad rewdevmx1:mx rewdevvpn1:openvpn,tor rewdevweb1:webapp,monitor rewdevplain1: rewdevstatic1:static' - -# tag/environment to deploy to -export TAG='local' - -- cgit v1.2.3 From 3e36abee5e0b2a4017da473fae97eff281989115 Mon Sep 17 00:00:00 2001 From: varac Date: Sat, 16 Jul 2016 18:19:58 +0200 Subject: Add catalogtest node, remove single node --- tests/puppet/hiera.yaml | 2 +- tests/puppet/provider/nodes/catalogtest.json | 10 ++++++++++ tests/puppet/provider/nodes/single.json | 9 --------- tests/puppet/provider/tags/catalogtest.json | 1 + 4 files changed, 12 insertions(+), 10 deletions(-) create mode 100644 tests/puppet/provider/nodes/catalogtest.json delete mode 100644 tests/puppet/provider/nodes/single.json create mode 100644 tests/puppet/provider/tags/catalogtest.json (limited to 'tests') diff --git a/tests/puppet/hiera.yaml b/tests/puppet/hiera.yaml index 45a2549b..d4d0f670 100644 --- a/tests/puppet/hiera.yaml +++ b/tests/puppet/hiera.yaml @@ -9,7 +9,7 @@ :datadir: tests/puppet/provider/hiera :hierarchy: - - single + - catalogtest :puppet: :datasource: data diff --git a/tests/puppet/provider/nodes/catalogtest.json b/tests/puppet/provider/nodes/catalogtest.json new file mode 100644 index 00000000..4f86ac19 --- /dev/null +++ b/tests/puppet/provider/nodes/catalogtest.json @@ -0,0 +1,10 @@ +{ + "ip_address": "1.1.1.1", + "services": [ + "couchdb", + "mx", + "soledad", + "webapp" + ], + "tags": ["catalogtest"] +} diff --git a/tests/puppet/provider/nodes/single.json b/tests/puppet/provider/nodes/single.json deleted file mode 100644 index ca358cc5..00000000 --- a/tests/puppet/provider/nodes/single.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "ip_address": "10.5.5.101", - "services": [ - "couchdb", - "mx", - "soledad", - "webapp" - ] -} diff --git a/tests/puppet/provider/tags/catalogtest.json b/tests/puppet/provider/tags/catalogtest.json new file mode 100644 index 00000000..0967ef42 --- /dev/null +++ b/tests/puppet/provider/tags/catalogtest.json @@ -0,0 +1 @@ +{} -- cgit v1.2.3 From e075f1dad155af6c30eec7be52e6ac0f2c779f6b Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 22 Jul 2016 07:56:55 +0200 Subject: Test all services on CI --- tests/puppet/provider/files/ca/dh.pem | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 tests/puppet/provider/files/ca/dh.pem (limited to 'tests') diff --git a/tests/puppet/provider/files/ca/dh.pem b/tests/puppet/provider/files/ca/dh.pem new file mode 100644 index 00000000..3c86bf39 --- /dev/null +++ b/tests/puppet/provider/files/ca/dh.pem @@ -0,0 +1,19 @@ +-----BEGIN DH PARAMETERS----- +MIIDDQKCAYEAhh7GNJktPFPgzCHPrWKCSmbhZtO1ypcVJCEZ0VkvpgUpUxAZnRl4 +TPZaQVbYx1gGpvJ6pV341zoeKlFjxK5h8iG5vWYplMk9FzxbI4O7oT2APZcVfR2U +4lrmQMK7EFDrfRw+CYCuwv0/NxEoMFINRnWtyksLPw3ZtFDdnUAz4Dnu15yAFBW9 +vmOqM72Npx3BnkREOZtB5Fj5FkH9DOVSibuD6zMlUCcVXaX/bON4yrhDGnSctj0y +mwCpkLK5GkpV24i7pW7LAY+MKXOtDObZHenwdJCBdcAMbNYO5BXuFFxlgJlxRT3T +j6IH25j9/dRzaO73rh222Qp/EA3YGvhuEAMps/o30flbjZdsiAzn8ajg8NO1qf4+ +aDJDN4xTRVFkTOgTuORqamiLmV7Q3yU4wDFo9jf8H/fD8uIXESy1NOTuKbXjoITL +D3RVivSlTXHWJ3rSOm13uFY0OVG+gx36Oz5O/hzbtGrebrTadKALS0SkH1cjh6pf +sCpgVW7BorY3AoIBgAZWGr/JxYe8PtTwPm40EH2r1FUvDlhEEaxF4Ky0VRxh4sdq +/Vdcvn5ww3KgItkwSSAM0TchtosXtjILXkuRSwJglu15OHOuJHZKsaaD7NeT+AoS +HOfaiEUJRht9+/lNLbLwxpq8FSCOabWSeqj40rq1P7wQWUh2gyAh9GWc+KO9Lg1w +Feo0re6IgmPaVhpWS/a2/IguHQwbMdly6EgWD8CqGIK9T4agWqYr4FIUzaEO3SOi +fe+MPV6U5P1STcs9+UQG9LjzqHHDjMHIm4I3KNXKyM2myl8ncTrmD6uRRiRh6bhn +wZHMXwk+JsJgbwz8d4T/xDoGNWvonGvnQWgPTaVry1N1TLjgWd+k8UCio0DmxgUJ +qOz1x7LIGqLGiSOF1xUxA4M50we/JVw8731PLFxZNiSRvKHW/Dh3YsZ2jSoPT+1T +1l+azCglr1Xz560GEjswedZgsAb1tBm7AFtpJIfujMLRZhhoUZl2rDX1A2h69/HN +kn86NydyUXjVGYttQgICAQA= +-----END DH PARAMETERS----- -- cgit v1.2.3 From c02ff0e5c834ff0ba0923dc55c7a8be760e3cfd7 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Wed, 17 Aug 2016 18:59:24 -0300 Subject: [test] soledad doesnt have design docs anymore This code was testing for it and should be removed. --- tests/white-box/webapp.rb | 3 --- 1 file changed, 3 deletions(-) (limited to 'tests') diff --git a/tests/white-box/webapp.rb b/tests/white-box/webapp.rb index 68f3dcd2..424465da 100644 --- a/tests/white-box/webapp.rb +++ b/tests/white-box/webapp.rb @@ -104,9 +104,6 @@ class Webapp < LeapTest repeatedly_try("/#{db_name}") do |body, response, error| assert false, "Could not find user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" end - repeatedly_try("/#{db_name}/_design/docs") do |body, response, error| - assert false, "Could not find design docs for user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" - end end # -- cgit v1.2.3 From 9d46cdf76480cd7b0fb3b8d526476ea055fc5439 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Wed, 17 Aug 2016 19:00:24 -0300 Subject: [bug] check privileges and db access separately This commit introduces a way to check if db exists and then check if it is properly set in two asserts, so we can have two distinct phrases to avoid confusion. - Resolves: #8388 --- tests/white-box/webapp.rb | 41 ++++++++++++----------------------------- 1 file changed, 12 insertions(+), 29 deletions(-) (limited to 'tests') diff --git a/tests/white-box/webapp.rb b/tests/white-box/webapp.rb index 424465da..40c234d6 100644 --- a/tests/white-box/webapp.rb +++ b/tests/white-box/webapp.rb @@ -61,7 +61,7 @@ class Webapp < LeapTest soledad_url = "https://#{soledad_server}/user-#{user.id}" soledad_cert = "/usr/local/share/ca-certificates/leap_ca.crt" assert_run "#{command} #{user.id} #{user.session_token} #{soledad_url} #{soledad_cert} #{user.password}" - assert_user_db_exists(user) + assert_user_db_privileges(user) pass end end @@ -96,36 +96,19 @@ class Webapp < LeapTest end # - # returns true if the per-user db created by soledad-server exists. - # we try three times, and give up after that. + # checks if user db exists and is properly protected # - def assert_user_db_exists(user) - db_name = "user-#{user.id}" - repeatedly_try("/#{db_name}") do |body, response, error| - assert false, "Could not find user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" + def assert_user_db_privileges(user) + db_name = "/user-#{user.id}" + get(couchdb_url(db_name)) do |body, response, error| + code = response.code.to_i + assert code != 404, "Could not find user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" + # After moving to couchdb, webapp user is not allowed to Read user dbs, + # but the return code for non-existent databases is 404. See #7674 + # 401 should come as we aren't supposed to have read privileges on it. + assert code != 200, "Incorrect security settings (design doc) on user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" + assert code == 401, "Unknown error on user db on user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" end end - # - # tries the URL repeatedly, giving up and yield the last response if - # no try returned a 200 http status code. - # - def repeatedly_try(url, &block) - last_body, last_response, last_error = nil - 3.times do - sleep 0.2 - get(couchdb_url(url)) do |body, response, error| - last_body, last_response, last_error = body, response, error - # After moving to couchdb, webapp user is not allowed to Read user dbs, - # but the return code for non-existent databases is 404. See #7674 - if response.code.to_i == 401 - return - end - end - sleep 1 - end - yield last_body, last_response, last_error - return - end - end -- cgit v1.2.3 From ba45bf0472573d7e8646376a4a2a5a71c764e6b9 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 29 Aug 2016 17:27:13 +0200 Subject: use experimental-0.9 deb repo for ci builds --- tests/puppet/provider/common.json | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'tests') diff --git a/tests/puppet/provider/common.json b/tests/puppet/provider/common.json index c891fea3..a13f8f75 100644 --- a/tests/puppet/provider/common.json +++ b/tests/puppet/provider/common.json @@ -1,5 +1,12 @@ -// -// Options put here are inherited by all nodes. -// { + "sources": { + "platform": { + "apt": { + "basic": "http://deb.leap.se/experimental-0.9" + } + }, + "nickserver": { + "revision": "develop" + } + } } -- cgit v1.2.3 From e98d216dedbec1dc672ba3d80d5d34f2f4d4e4df Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 31 Aug 2016 23:50:45 +0200 Subject: [CI] Test catalog with all available services --- tests/puppet/provider/nodes/catalogtest.json | 33 ++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/puppet/provider/nodes/catalogtest.json b/tests/puppet/provider/nodes/catalogtest.json index 4f86ac19..05703666 100644 --- a/tests/puppet/provider/nodes/catalogtest.json +++ b/tests/puppet/provider/nodes/catalogtest.json @@ -1,10 +1,39 @@ { "ip_address": "1.1.1.1", + "openvpn": { + "gateway_address": "1.1.1.2" + }, "services": [ "couchdb", "mx", "soledad", - "webapp" + "webapp", + "monitor", + "openvpn", + "tor", + "obfsproxy", + "static" ], - "tags": ["catalogtest"] + "tags": ["catalogtest","development"], + "static": { + "domains":{ + "example.org": { + "tls_only": true, + "locations": { + "front": { + "path": "/", + "format": "amber", + "source": { + "type": "git", + "repo": "https://leap.se/git/bitmask_help", + "revision": "origin/master" + } + } + }, + "cert": "= file('cert/example.org.crt')", + "key": "= file('cert/example.org.key')", + "ca_cert": "= file('cert/commercial_ca.crt')" + } + } + } } -- cgit v1.2.3 From 1952848f99e3d219a5ca670b04daa1bd10759d93 Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 31 Aug 2016 16:59:46 -0700 Subject: mx test: skip email delivery test if clamd is not running because signature files are still downloading. --- tests/white-box/mx.rb | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) (limited to 'tests') diff --git a/tests/white-box/mx.rb b/tests/white-box/mx.rb index e0cb273a..0eeaacd0 100644 --- a/tests/white-box/mx.rb +++ b/tests/white-box/mx.rb @@ -63,10 +63,10 @@ class Mx < LeapTest if Dir.glob("/var/lib/clamav/main.{c[vl]d,inc}").size > 0 and Dir.glob("/var/lib/clamav/daily.{c[vl]d,inc}").size > 0 assert_running '^/usr/sbin/clamd' assert_running '^/usr/sbin/clamav-milter' + pass else - skip "Downloading the clamav signature files (/var/lib/clamav/{daily,main}.{c[vl]d,inc}) is still in progress, so clamd is not running.\nDon't worry, mail delivery will work without clamav. The download should finish soon." + skip "Downloading the clamav signature files (/var/lib/clamav/{daily,main}.{c[vl]d,inc}) is still in progress, so clamd is not running." end - pass end # @@ -125,21 +125,25 @@ class Mx < LeapTest # get sent to root, so the sysadmin will still figure out pretty # quickly that something is wrong. # - def test_06_Can_deliver_email? - addr = [TEST_EMAIL_USER, property('domain.full_suffix')].join('@') - bad_addr = [TEST_BAD_USER, property('domain.full_suffix')].join('@') + def test_05_Can_deliver_email? + if pgrep('^/usr/sbin/clamd').empty? || pgrep('^/usr/sbin/clamav-milter').empty? + skip "Mail delivery is being deferred because clamav daemon is not running" + else + addr = [TEST_EMAIL_USER, property('domain.full_suffix')].join('@') + bad_addr = [TEST_BAD_USER, property('domain.full_suffix')].join('@') - assert !identity_exists?(bad_addr), "the address #{bad_addr} must not exist." - if !identity_exists?(addr) - user = assert_create_user(TEST_EMAIL_USER, :monitor) - upload_public_key(user.id, TEST_EMAIL_PUBLIC_KEY) - end - assert identity_exists?(addr), "The identity #{addr} should have been created, but it doesn't exist yet." - assert_send_email(addr) - assert_raises(Net::SMTPError) do - send_email(bad_addr) + assert !identity_exists?(bad_addr), "the address #{bad_addr} must not exist." + if !identity_exists?(addr) + user = assert_create_user(TEST_EMAIL_USER, :monitor) + upload_public_key(user.id, TEST_EMAIL_PUBLIC_KEY) + end + assert identity_exists?(addr), "The identity #{addr} should have been created, but it doesn't exist yet." + assert_send_email(addr) + assert_raises(Net::SMTPError) do + send_email(bad_addr) + end + pass end - pass end private -- cgit v1.2.3 From 07c0e60e6bdc5b8bfe1f42f76dae9f0a79e7abb0 Mon Sep 17 00:00:00 2001 From: elijah Date: Mon, 29 Aug 2016 16:35:14 -0700 Subject: moved infrastructure tests run by `leap run` to tests/server-tests --- tests/README.md | 25 --- tests/helpers/bonafide_helper.rb | 235 ---------------------- tests/helpers/client_side_db.py | 167 ---------------- tests/helpers/couchdb_helper.rb | 143 -------------- tests/helpers/files_helper.rb | 54 ----- tests/helpers/http_helper.rb | 157 --------------- tests/helpers/network_helper.rb | 79 -------- tests/helpers/os_helper.rb | 41 ---- tests/helpers/smtp_helper.rb | 45 ----- tests/helpers/soledad_sync.py | 89 --------- tests/helpers/srp_helper.rb | 171 ---------------- tests/order.rb | 22 --- tests/server-tests/README.md | 44 +++++ tests/server-tests/helpers/bonafide_helper.rb | 235 ++++++++++++++++++++++ tests/server-tests/helpers/client_side_db.py | 167 ++++++++++++++++ tests/server-tests/helpers/couchdb_helper.rb | 143 ++++++++++++++ tests/server-tests/helpers/files_helper.rb | 54 +++++ tests/server-tests/helpers/http_helper.rb | 157 +++++++++++++++ tests/server-tests/helpers/network_helper.rb | 79 ++++++++ tests/server-tests/helpers/os_helper.rb | 41 ++++ tests/server-tests/helpers/smtp_helper.rb | 45 +++++ tests/server-tests/helpers/soledad_sync.py | 89 +++++++++ tests/server-tests/helpers/srp_helper.rb | 171 ++++++++++++++++ tests/server-tests/order.rb | 22 +++ tests/server-tests/white-box/couchdb.rb | 169 ++++++++++++++++ tests/server-tests/white-box/dummy.rb | 71 +++++++ tests/server-tests/white-box/mx.rb | 271 ++++++++++++++++++++++++++ tests/server-tests/white-box/network.rb | 90 +++++++++ tests/server-tests/white-box/openvpn.rb | 16 ++ tests/server-tests/white-box/soledad.rb | 17 ++ tests/server-tests/white-box/webapp.rb | 114 +++++++++++ tests/white-box/couchdb.rb | 169 ---------------- tests/white-box/dummy.rb | 71 ------- tests/white-box/mx.rb | 271 -------------------------- tests/white-box/network.rb | 90 --------- tests/white-box/openvpn.rb | 16 -- tests/white-box/soledad.rb | 17 -- tests/white-box/webapp.rb | 114 ----------- 38 files changed, 1995 insertions(+), 1976 deletions(-) delete mode 100644 tests/README.md delete mode 100644 tests/helpers/bonafide_helper.rb delete mode 100644 tests/helpers/client_side_db.py delete mode 100644 tests/helpers/couchdb_helper.rb delete mode 100644 tests/helpers/files_helper.rb delete mode 100644 tests/helpers/http_helper.rb delete mode 100644 tests/helpers/network_helper.rb delete mode 100644 tests/helpers/os_helper.rb delete mode 100644 tests/helpers/smtp_helper.rb delete mode 100755 tests/helpers/soledad_sync.py delete mode 100644 tests/helpers/srp_helper.rb delete mode 100644 tests/order.rb create mode 100644 tests/server-tests/README.md create mode 100644 tests/server-tests/helpers/bonafide_helper.rb create mode 100644 tests/server-tests/helpers/client_side_db.py create mode 100644 tests/server-tests/helpers/couchdb_helper.rb create mode 100644 tests/server-tests/helpers/files_helper.rb create mode 100644 tests/server-tests/helpers/http_helper.rb create mode 100644 tests/server-tests/helpers/network_helper.rb create mode 100644 tests/server-tests/helpers/os_helper.rb create mode 100644 tests/server-tests/helpers/smtp_helper.rb create mode 100755 tests/server-tests/helpers/soledad_sync.py create mode 100644 tests/server-tests/helpers/srp_helper.rb create mode 100644 tests/server-tests/order.rb create mode 100644 tests/server-tests/white-box/couchdb.rb create mode 100644 tests/server-tests/white-box/dummy.rb create mode 100644 tests/server-tests/white-box/mx.rb create mode 100644 tests/server-tests/white-box/network.rb create mode 100644 tests/server-tests/white-box/openvpn.rb create mode 100644 tests/server-tests/white-box/soledad.rb create mode 100644 tests/server-tests/white-box/webapp.rb delete mode 100644 tests/white-box/couchdb.rb delete mode 100644 tests/white-box/dummy.rb delete mode 100644 tests/white-box/mx.rb delete mode 100644 tests/white-box/network.rb delete mode 100644 tests/white-box/openvpn.rb delete mode 100644 tests/white-box/soledad.rb delete mode 100644 tests/white-box/webapp.rb (limited to 'tests') diff --git a/tests/README.md b/tests/README.md deleted file mode 100644 index 814c25b1..00000000 --- a/tests/README.md +++ /dev/null @@ -1,25 +0,0 @@ -Tests ---------------------------------- - -tests/white-box/ - - These tests are run on the server as superuser. They are for - troubleshooting any problems with the internal setup of the server. - -tests/black-box/ - - These test are run the user's local machine. They are for troubleshooting - any external problems with the service exposed by the server. - -Additional Files ---------------------------------- - -tests/helpers/ - - Utility functions made available to all tests. - -tests/order.rb - - Configuration file to specify which nodes should be tested in which order. - - diff --git a/tests/helpers/bonafide_helper.rb b/tests/helpers/bonafide_helper.rb deleted file mode 100644 index 5b886228..00000000 --- a/tests/helpers/bonafide_helper.rb +++ /dev/null @@ -1,235 +0,0 @@ -# -# helper for the communication with the provider API for creating, authenticating, and deleting accounts. -# - -class LeapTest - - def assert_tmp_user - user = assert_create_user - assert_authenticate_user(user) - yield user if block_given? - assert_delete_user(user) - rescue StandardError, MiniTest::Assertion => exc - begin - assert_delete_user(user) - rescue - end - raise exc - end - - # - # attempts to create a user account via the API, - # returning the user object if successful. - # - def assert_create_user(username=nil, auth=nil) - user = SRP::User.new(username) - url = api_url("/users.json") - params = user.to_params - if auth - options = api_options(:auth => auth) - else - options = api_options - if property('webapp.invite_required') - @invite_code = generate_invite_code - params['user[invite_code]'] = @invite_code - end - end - - assert_post(url, params, options) do |body| - assert response = JSON.parse(body), 'response should be JSON' - assert response['ok'], "Creating a user should be successful, got #{response.inspect} instead." - user.ok = true - user.id = response['id'] - end - return user - end - - # TODO: use the api for this instead. - def generate_invite_code - `cd /srv/leap/webapp/ && sudo -u leap-webapp RAILS_ENV=production bundle exec rake generate_invites[1]`.gsub(/\n/, "") - end - - # - # attempts to authenticate user. if successful, - # user object is updated with id and session token. - # - def assert_authenticate_user(user) - url = api_url("/sessions.json") - session = SRP::Session.new(user) - params = {'login' => user.username, 'A' => session.aa} - assert_post(url, params, api_options) do |body, response| - cookie = response['Set-Cookie'].split(';').first - assert(response = JSON.parse(body), 'response should be JSON') - assert(session.bb = response["B"], 'response should include "B"') - url = api_url("/sessions/login.json") - params = {'client_auth' => session.m, 'A' => session.aa} - assert_put(url, params, api_options('Cookie' => cookie)) do |body| - assert(response = JSON.parse(body), 'response should be JSON') - assert(response['M2'], 'response should include M2') - user.session_token = response['token'] - user.id = response['id'] - assert(user.session_token, 'response should include token') - assert(user.id, 'response should include user id') - end - end - end - - # - # attempts to destroy a user account via the API. - # - def assert_delete_user(user) - if user.is_a? String - assert_delete_user_by_login(user) - elsif user.is_a? SRP::User - assert_delete_srp_user(user) - end - end - - # - # returns true if the identity exists, uses monitor token auth - # - def identity_exists?(address) - url = api_url("/identities/#{URI.encode(address)}.json") - options = {:ok_codes => [200, 404]}.merge( - api_options(:auth => :monitor) - ) - assert_get(url, nil, options) do |body, response| - return response.code == "200" - end - end - - def upload_public_key(user_id, public_key) - url = api_url("/users/#{user_id}.json") - params = {"user[public_key]" => public_key} - assert_put(url, params, api_options(:auth => :monitor)) - end - - # - # return user document as a Hash. uses monitor token auth - # - def find_user_by_id(user_id) - url = api_url("/users/#{user_id}.json") - assert_get(url, nil, api_options(:auth => :monitor)) do |body| - return JSON.parse(body) - end - end - - # - # return user document as a Hash. uses monitor token auth - # NOTE: this relies on deprecated behavior of the API - # and will not work when multi-domain support is added. - # - def find_user_by_login(login) - url = api_url("/users/0.json?login=#{login}") - options = {:ok_codes => [200, 404]}.merge( - api_options(:auth => :monitor) - ) - assert_get(url, nil, options) do |body, response| - if response.code == "200" - return JSON.parse(body) - else - return nil - end - end - end - - private - - def api_url(path) - unless path =~ /^\// - path = '/' + path - end - if property('testing.api_uri') - return property('testing.api_uri') + path - elsif property('api') - api = property('api') - return "https://%{domain}:%{port}/%{version}#{path}" % { - :domain => api['domain'], - :port => api['port'], - :version => api['version'] || 1 - } - else - fail 'This node needs to have either testing.api_url or api.{domain,port} configured.' - end - end - - # - # produces an options hash used for api http requests. - # - # argument options hash gets added to "headers" - # of the http request. - # - # special :auth key in argument will expand to - # add api_token_auth header. - # - # if you want to try manually: - # - # export API_URI=`grep api_uri /etc/leap/hiera.yaml | cut -d\" -f2` - # export TOKEN=`grep monitor_auth_token /etc/leap/hiera.yaml | awk '{print $2}'` - # curl -H "Accept: application/json" -H "Token: $TOKEN" $API_URI - # - def api_options(options={}) - # note: must be :headers, not "headers" - hsh = { - :headers => { - "Accept" => "application/json" - } - } - if options[:auth] - hsh[:headers].merge!(api_token_auth(options.delete(:auth))) - end - hsh[:headers].merge!(options) - return hsh - end - - # - # add token authentication to a http request. - # - # returns a hash suitable for adding to the 'headers' option - # of an http function. - # - def api_token_auth(token) - if token.is_a?(Symbol) && property('testing') - if token == :monitor - token_str = property('testing.monitor_auth_token') - else - raise ArgumentError.new 'no such token' - end - else - token_str = token - end - {"Authorization" => "Token token=\"#{token_str}\""} - end - - # - # not actually used in any test, but useful when - # writing new tests. - # - def assert_delete_user_by_login(login_name) - user = find_user_by_login(login_name) - url = api_url("/users/#{user['id']}.json") - params = {:identities => 'destroy'} - delete(url, params, api_options(:auth => :monitor)) do |body, response, error| - assert error.nil?, "Error deleting user: #{error}" - assert response.code.to_i == 200, "Unable to delete user: HTTP response from API should have code 200, was #{response.code} #{error} #{body}" - assert(response = JSON.parse(body), 'Delete response should be JSON') - assert(response["success"], 'Deleting user should be a success') - end - end - - def assert_delete_srp_user(user) - if user && user.ok && user.id && user.session_token && !user.deleted - url = api_url("users/#{user.id}.json") - params = {:identities => 'destroy'} - user.deleted = true - delete(url, params, api_options(:auth => user.session_token)) do |body, response, error| - assert error.nil?, "Error deleting user: #{error}" - assert response.code.to_i == 200, "Unable to delete user: HTTP response from API should have code 200, was #{response.code} #{error} #{body}" - assert(response = JSON.parse(body), 'Delete response should be JSON') - assert(response["success"], 'Deleting user should be a success') - end - end - end - - -end diff --git a/tests/helpers/client_side_db.py b/tests/helpers/client_side_db.py deleted file mode 100644 index 2f8c220f..00000000 --- a/tests/helpers/client_side_db.py +++ /dev/null @@ -1,167 +0,0 @@ -import logging -import os -import tempfile -import getpass -import binascii -import json - -try: - import requests - import srp._pysrp as srp -except ImportError: - pass - -from twisted.internet.defer import inlineCallbacks - -from leap.soledad.client import Soledad - - -""" -Helper functions to give access to client-side Soledad database. -Copied over from soledad/scripts folder. -""" - -# create a logger -logger = logging.getLogger(__name__) - -# DEBUG: enable debug logs -# LOG_FORMAT = '%(asctime)s %(message)s' -# logging.basicConfig(format=LOG_FORMAT, level=logging.DEBUG) - - -safe_unhexlify = lambda x: binascii.unhexlify(x) if ( - len(x) % 2 == 0) else binascii.unhexlify('0' + x) - - -def _fail(reason): - logger.error('Fail: ' + reason) - exit(2) - - -def get_soledad_instance(uuid, passphrase, basedir, server_url, cert_file, - token): - # setup soledad info - logger.info('UUID is %s' % uuid) - logger.info('Server URL is %s' % server_url) - secrets_path = os.path.join( - basedir, '%s.secret' % uuid) - local_db_path = os.path.join( - basedir, '%s.db' % uuid) - # instantiate soledad - return Soledad( - uuid, - unicode(passphrase), - secrets_path=secrets_path, - local_db_path=local_db_path, - server_url=server_url, - cert_file=cert_file, - auth_token=token, - defer_encryption=True) - - -def _get_api_info(provider): - info = requests.get( - 'https://'+provider+'/provider.json', verify=False).json() - return info['api_uri'], info['api_version'] - - -def _login(username, passphrase, provider, api_uri, api_version): - usr = srp.User(username, passphrase, srp.SHA256, srp.NG_1024) - auth = None - try: - auth = _authenticate(api_uri, api_version, usr).json() - except requests.exceptions.ConnectionError: - _fail('Could not connect to server.') - if 'errors' in auth: - _fail(str(auth['errors'])) - return api_uri, api_version, auth - - -def _authenticate(api_uri, api_version, usr): - api_url = "%s/%s" % (api_uri, api_version) - session = requests.session() - uname, A = usr.start_authentication() - params = {'login': uname, 'A': binascii.hexlify(A)} - init = session.post( - api_url + '/sessions', data=params, verify=False).json() - if 'errors' in init: - _fail('test user not found') - M = usr.process_challenge( - safe_unhexlify(init['salt']), safe_unhexlify(init['B'])) - return session.put(api_url + '/sessions/' + uname, verify=False, - data={'client_auth': binascii.hexlify(M)}) - - -def _get_soledad_info(username, provider, passphrase, basedir): - api_uri, api_version = _get_api_info(provider) - auth = _login(username, passphrase, provider, api_uri, api_version) - # get soledad server url - service_url = '%s/%s/config/soledad-service.json' % \ - (api_uri, api_version) - soledad_hosts = requests.get(service_url, verify=False).json()['hosts'] - hostnames = soledad_hosts.keys() - # allow for choosing the host - host = hostnames[0] - if len(hostnames) > 1: - i = 1 - print "There are many available hosts:" - for h in hostnames: - print " (%d) %s.%s" % (i, h, provider) - i += 1 - choice = raw_input("Choose a host to use (default: 1): ") - if choice != '': - host = hostnames[int(choice) - 1] - server_url = 'https://%s:%d/user-%s' % \ - (soledad_hosts[host]['hostname'], soledad_hosts[host]['port'], - auth[2]['id']) - # get provider ca certificate - ca_cert = requests.get('https://%s/ca.crt' % provider, verify=False).text - cert_file = os.path.join(basedir, 'ca.crt') - with open(cert_file, 'w') as f: - f.write(ca_cert) - return auth[2]['id'], server_url, cert_file, auth[2]['token'] - - -def _get_passphrase(args): - passphrase = args.passphrase - if passphrase is None: - passphrase = getpass.getpass( - 'Password for %s@%s: ' % (args.username, args.provider)) - return passphrase - - -def _get_basedir(args): - basedir = args.basedir - if basedir is None: - basedir = tempfile.mkdtemp() - elif not os.path.isdir(basedir): - os.mkdir(basedir) - logger.info('Using %s as base directory.' % basedir) - return basedir - - -@inlineCallbacks -def _export_key(args, km, fname, private=False): - address = args.username + "@" + args.provider - pkey = yield km.get_key( - address, OpenPGPKey, private=private, fetch_remote=False) - with open(args.export_private_key, "w") as f: - f.write(pkey.key_data) - - -@inlineCallbacks -def _export_incoming_messages(soledad, directory): - yield soledad.create_index("by-incoming", "bool(incoming)") - docs = yield soledad.get_from_index("by-incoming", '1') - i = 1 - for doc in docs: - with open(os.path.join(directory, "message_%d.gpg" % i), "w") as f: - f.write(doc.content["_enc_json"]) - i += 1 - - -@inlineCallbacks -def _get_all_docs(soledad): - _, docs = yield soledad.get_all_docs() - for doc in docs: - print json.dumps(doc.content, indent=4) diff --git a/tests/helpers/couchdb_helper.rb b/tests/helpers/couchdb_helper.rb deleted file mode 100644 index efb2c2bf..00000000 --- a/tests/helpers/couchdb_helper.rb +++ /dev/null @@ -1,143 +0,0 @@ -class LeapTest - - # - # generates a couchdb url for when couchdb is running - # remotely and is available via stunnel. - # - # example properties: - # - # stunnel: - # clients: - # couch_client: - # couch1_5984: - # accept_port: 4000 - # connect: couch1.bitmask.i - # connect_port: 15984 - # - def couchdb_urls_via_stunnel(path="", options=nil) - path = path.gsub('"', '%22') - if options && options[:username] && options[:password] - userpart = "%{username}:%{password}@" % options - else - userpart = "" - end - assert_property('stunnel.clients.couch_client').values.collect do |stunnel_conf| - assert port = stunnel_conf['accept_port'], 'Field `accept_port` must be present in `stunnel` property.' - URLString.new("http://#{userpart}localhost:#{port}#{path}").tap {|url| - remote_ip_address = TCPSocket.gethostbyname(stunnel_conf['connect']).last - url.memo = "(via stunnel to %s:%s, aka %s)" % [stunnel_conf['connect'], stunnel_conf['connect_port'], remote_ip_address] - } - end - end - - # - # generates a couchdb url for accessing couchdb via haproxy - # - # example properties: - # - # haproxy: - # couch: - # listen_port: 4096 - # servers: - # panda: - # backup: false - # host: localhost - # port: 4000 - # weight: 100 - # writable: true - # - def couchdb_url_via_haproxy(path="", options=nil) - path = path.gsub('"', '%22') - if options && options[:username] && options[:password] - userpart = "%{username}:%{password}@" % options - else - userpart = "" - end - port = assert_property('haproxy.couch.listen_port') - return URLString.new("http://#{userpart}localhost:#{port}#{path}").tap { |url| - url.memo = '(via haproxy)' - } - end - - # - # generates a couchdb url for when couchdb is running locally. - # - # example properties: - # - # couch: - # port: 5984 - # - def couchdb_url_via_localhost(path="", options=nil) - path = path.gsub('"', '%22') - port = (options && options[:port]) || assert_property('couch.port') - if options && options[:username] - password = property("couch.users.%{username}.password" % options) - userpart = "%s:%s@" % [options[:username], password] - else - userpart = "" - end - return URLString.new("http://#{userpart}localhost:#{port}#{path}").tap { |url| - url.memo = '(via direct localhost connection)' - } - end - - # - # returns a single url for accessing couchdb - # - def couchdb_url(path="", options=nil) - if property('couch.port') - couchdb_url_via_localhost(path, options) - elsif property('stunnel.clients.couch_client') - couchdb_urls_via_stunnel(path, options).first - end - end - - # - # returns an array of urls for accessing couchdb - # - def couchdb_urls(path="", options=nil) - if property('couch.port') - [couchdb_url_via_localhost(path, options)] - elsif property('stunnel.clients.couch_client') - couchdb_urls_via_stunnel(path, options) - end - end - - def assert_destroy_user_db(user_id, options=nil) - db_name = "user-#{user_id}" - url = couchdb_url("/#{db_name}", options) - http_options = {:ok_codes => [200, 404]} # ignore missing dbs - assert_delete(url, nil, http_options) - end - - def assert_create_user_db(user_id, options=nil) - db_name = "user-#{user_id}" - url = couchdb_url("/#{db_name}", options) - http_options = {:ok_codes => [200, 404]} # ignore missing dbs - assert_put(url, nil, :format => :json) do |body| - assert response = JSON.parse(body), "PUT response should be JSON" - assert response["ok"], "PUT response should be OK" - end - end - - # - # returns true if the per-user db created by soledad-server exists. - # - def user_db_exists?(user_id, options=nil) - options = {:username => 'admin'}.merge(options || {}) - db_name = "user-#{user_id}" - url = couchdb_url("/#{db_name}", options) - get(url) do |body, response, error| - if response.nil? - fail "could not query couchdb #{url}: #{error}\n#{body}" - elsif response.code.to_i == 200 - return true - elsif response.code.to_i == 404 - return false - else - fail ["could not query couchdb #{url}: expected response code 200 or 404, but got #{response.code}.", error, body].compact.join("\n") - end - end - end - -end \ No newline at end of file diff --git a/tests/helpers/files_helper.rb b/tests/helpers/files_helper.rb deleted file mode 100644 index d6795889..00000000 --- a/tests/helpers/files_helper.rb +++ /dev/null @@ -1,54 +0,0 @@ -class LeapTest - - # - # Matches the regexp in the file, and returns the first matched string (or fails if no match). - # - def file_match(filename, regexp) - if match = File.read(filename).match(regexp) - match.captures.first - else - fail "Regexp #{regexp.inspect} not found in file #{filename.inspect}." - end - end - - # - # Matches the regexp in the file, and returns array of matched strings (or fails if no match). - # - def file_matches(filename, regexp) - if match = File.read(filename).match(regexp) - match.captures - else - fail "Regexp #{regexp.inspect} not found in file #{filename.inspect}." - end - end - - # - # checks to make sure the given property path exists in $node (e.g. hiera.yaml) - # and returns the value - # - def assert_property(property) - latest = $node - property.split('.').each do |segment| - latest = latest[segment] - fail "Required node property `#{property}` is missing." if latest.nil? - end - return latest - end - - # - # a handy function to get the value of a long property path - # without needing to test the existance individually of each part - # in the tree. - # - # e.g. property("stunnel.clients.couch_client") - # - def property(property) - latest = $node - property.split('.').each do |segment| - latest = latest[segment] - return nil if latest.nil? - end - return latest - end - -end \ No newline at end of file diff --git a/tests/helpers/http_helper.rb b/tests/helpers/http_helper.rb deleted file mode 100644 index 0d0bb7d5..00000000 --- a/tests/helpers/http_helper.rb +++ /dev/null @@ -1,157 +0,0 @@ -require 'net/http' - -class LeapTest - - # - # In order to easily provide detailed error messages, it is useful - # to append a memo to a url string that details what this url is for - # (e.g. stunnel, haproxy, etc). - # - # So, the url happens to be a UrlString, the memo field is used - # if there is an error in assert_get. - # - class URLString < String - attr_accessor :memo - end - - # - # aliases for http_send() - # - def get(url, params=nil, options=nil, &block) - http_send("GET", url, params, options, &block) - end - def delete(url, params=nil, options=nil, &block) - http_send("DELETE", url, params, options, &block) - end - def post(url, params=nil, options=nil, &block) - http_send("POST", url, params, options, &block) - end - def put(url, params=nil, options=nil, &block) - http_send("PUT", url, params, options, &block) - end - - # - # send a GET, DELETE, POST, or PUT - # yields |body, response, error| - # - def http_send(method, url, params=nil, options=nil) - options ||= {} - response = nil - - # build uri - uri = URI(url) - if params && (method == 'GET' || method == 'DELETE') - uri.query = URI.encode_www_form(params) - end - - # build http - http = Net::HTTP.new uri.host, uri.port - if uri.scheme == 'https' - http.verify_mode = OpenSSL::SSL::VERIFY_NONE - http.use_ssl = true - end - - # build request - request = build_request(method, uri, params, options) - - # make http request - http.start do |agent| - response = agent.request(request) - yield response.body, response, nil - end - rescue => exc - yield nil, response, exc - end - - # - # Aliases for assert_http_send() - # - def assert_get(url, params=nil, options=nil, &block) - assert_http_send("GET", url, params, options, &block) - end - def assert_delete(url, params=nil, options=nil, &block) - assert_http_send("DELETE", url, params, options, &block) - end - def assert_post(url, params=nil, options=nil, &block) - assert_http_send("POST", url, params, options, &block) - end - def assert_put(url, params=nil, options=nil, &block) - assert_http_send("PUT", url, params, options, &block) - end - - # - # calls http_send, yielding results if successful or failing with - # descriptive info otherwise. - # - # options: - # - error_msg: custom error message to display. - # - ok_codes: in addition to 2xx, codes in this array will not produce an error. - # - def assert_http_send(method, url, params=nil, options=nil, &block) - options ||= {} - error_msg = options[:error_msg] || (url.respond_to?(:memo) ? url.memo : nil) - http_send(method, url, params, options) do |body, response, error| - if response - code = response.code.to_i - ok = code >= 200 && code < 300 - if options[:ok_codes] - ok ||= options[:ok_codes].include?(code) - end - if ok - if block - yield(body) if block.arity == 1 - yield(body, response) if block.arity == 2 - yield(body, response, error) if block.arity == 3 - end - else - fail ["Expected success code from #{method} #{url}, but got #{response.code} instead.", error_msg, body].compact.join("\n") - end - else - fail ["Expected a response from #{method} #{url}, but got \"#{error}\" instead.", error_msg, body].compact.join("\n"), error - end - end - end - - # - # only a warning for now, should be a failure in the future - # - def assert_auth_fail(url, params) - uri = URI(url) - get(url, params) do |body, response, error| - unless response.code.to_s == "401" - warn "Expected a '401 Unauthorized' response, but got #{response.code} instead (GET #{uri.request_uri} with username '#{uri.user}')." - return false - end - end - true - end - - private - - def build_request(method, uri, params, options) - request = case method - when "GET" then Net::HTTP::Get.new(uri.request_uri) - when "DELETE" then Net::HTTP::Delete.new(uri.request_uri) - when "POST" then Net::HTTP::Post.new(uri.request_uri) - when "PUT" then Net::HTTP::Put.new(uri.request_uri) - end - if uri.user - request.basic_auth uri.user, uri.password - end - if params && (method == 'POST' || method == 'PUT') - if options[:format] == :json || options[:format] == 'json' - request["Content-Type"] = "application/json" - request.body = params.to_json - else - request.set_form_data(params) if params - end - end - if options[:headers] - options[:headers].each do |key, value| - request[key] = value - end - end - request - end - -end \ No newline at end of file diff --git a/tests/helpers/network_helper.rb b/tests/helpers/network_helper.rb deleted file mode 100644 index 713d57aa..00000000 --- a/tests/helpers/network_helper.rb +++ /dev/null @@ -1,79 +0,0 @@ -class LeapTest - - # - # tcp connection helper with timeout - # - def try_tcp_connect(host, port, timeout = 5) - addr = Socket.getaddrinfo(host, nil) - sockaddr = Socket.pack_sockaddr_in(port, addr[0][3]) - - Socket.new(Socket.const_get(addr[0][0]), Socket::SOCK_STREAM, 0).tap do |socket| - socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1) - begin - socket.connect_nonblock(sockaddr) - rescue IO::WaitReadable - if IO.select([socket], nil, nil, timeout) == nil - raise "Connection timeout" - else - socket.connect_nonblock(sockaddr) - end - rescue IO::WaitWritable - if IO.select(nil, [socket], nil, timeout) == nil - raise "Connection timeout" - else - socket.connect_nonblock(sockaddr) - end - end - return socket - end - end - - def try_tcp_write(socket, timeout = 5) - begin - socket.write_nonblock("\0") - rescue IO::WaitReadable - if IO.select([socket], nil, nil, timeout) == nil - raise "Write timeout" - else - retry - end - rescue IO::WaitWritable - if IO.select(nil, [socket], nil, timeout) == nil - raise "Write timeout" - else - retry - end - end - end - - def try_tcp_read(socket, timeout = 5) - begin - socket.read_nonblock(1) - rescue IO::WaitReadable - if IO.select([socket], nil, nil, timeout) == nil - raise "Read timeout" - else - retry - end - rescue IO::WaitWritable - if IO.select(nil, [socket], nil, timeout) == nil - raise "Read timeout" - else - retry - end - end - end - - def assert_tcp_socket(host, port, msg=nil) - begin - socket = try_tcp_connect(host, port, 1) - #try_tcp_write(socket,1) - #try_tcp_read(socket,1) - rescue StandardError => exc - fail ["Failed to open socket #{host}:#{port}", exc, msg].compact.join("\n") - ensure - socket.close if socket - end - end - -end \ No newline at end of file diff --git a/tests/helpers/os_helper.rb b/tests/helpers/os_helper.rb deleted file mode 100644 index 9923d5b1..00000000 --- a/tests/helpers/os_helper.rb +++ /dev/null @@ -1,41 +0,0 @@ -class LeapTest - - # - # works like pgrep command line - # return an array of hashes like so [{:pid => "1234", :process => "ls"}] - # - def pgrep(match) - output = `pgrep --full --list-name '#{match}'` - output.each_line.map{|line| - pid = line.split(' ')[0] - process = line.gsub(/(#{pid} |\n)/, '') - # filter out pgrep cmd itself - # on wheezy hosts, the "process" var contains the whole cmd including all parameters - # on jessie hosts, it only contains the first cmd (which is the default sheel invoked by 'sh') - if process =~ /^sh/ - nil - else - {:pid => pid, :process => process} - end - }.compact - end - - def assert_running(process, options={}) - processes = pgrep(process) - assert processes.any?, "No running process for #{process}" - if options[:single] - assert processes.length == 1, "More than one process for #{process}" - end - end - - # - # runs the specified command, failing on a non-zero exit status. - # - def assert_run(command) - output = `#{command} 2>&1` - if $?.exitstatus != 0 - fail "Error running `#{command}`:\n#{output}" - end - end - -end \ No newline at end of file diff --git a/tests/helpers/smtp_helper.rb b/tests/helpers/smtp_helper.rb deleted file mode 100644 index ea7fb9fa..00000000 --- a/tests/helpers/smtp_helper.rb +++ /dev/null @@ -1,45 +0,0 @@ -require 'net/smtp' - -class LeapTest - - TEST_EMAIL_USER = "test_user_email" - TEST_BAD_USER = "test_user_bad" - - MSG_BODY = %(Since it seems that any heart which beats for freedom has the right only to a -lump of lead, I too claim my share. If you let me live, I shall never stop -crying for revenge and I shall avenge my brothers. I have finished. If you are -not cowards, kill me! - ---Louise Michel) - - def send_email(recipient, options={}) - sender = options[:sender] || recipient - helo_domain = property('domain.full_suffix') - headers = { - "Date" => Time.now.utc, - "From" => sender, - "To" => recipient, - "Subject" => "Test Message", - "X-LEAP-TEST" => "true" - }.merge(options[:headers]||{}) - message = [] - headers.each do |key, value| - message << "#{key}: #{value}" - end - message << "" - message << MSG_BODY - Net::SMTP.start('localhost', 25, helo_domain) do |smtp| - smtp.send_message message.join("\n"), recipient, sender - end - end - - def assert_send_email(recipient, options={}) - begin - send_email(recipient, options) - rescue IOError, Net::OpenTimeout, - Net::ReadTimeout, Net::SMTPError => e - fail "Could not send mail to #{recipient} (#{e})" - end - end - -end \ No newline at end of file diff --git a/tests/helpers/soledad_sync.py b/tests/helpers/soledad_sync.py deleted file mode 100755 index f4fc81ae..00000000 --- a/tests/helpers/soledad_sync.py +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/env python -""" -soledad_sync.py - -This script exercises soledad synchronization. -Its exit code is 0 if the sync took place correctly, 1 otherwise. - -It takes 5 arguments: - - uuid: uuid of the user to sync - token: a valid session token - server: the url of the soledad server we should connect to - cert_file: the file containing the certificate for the CA that signed the - cert for the soledad server. - password: the password for the user to sync - -__author__: kali@leap.se -""" -import os -import shutil -import sys -import tempfile - -# This is needed because the twisted shipped with wheezy is too old -# to do proper ssl verification. -os.environ['SKIP_TWISTED_SSL_CHECK'] = '1' - -from twisted.internet import defer, reactor -from twisted.python import log - -from client_side_db import get_soledad_instance -from leap.common.events import flags - -flags.set_events_enabled(False) - -NUMDOCS = 1 -USAGE = "Usage: %s uuid token server cert_file password" % sys.argv[0] - - -def bail(msg, exitcode): - print "[!] %s" % msg - sys.exit(exitcode) - - -def create_docs(soledad): - """ - Populates the soledad database with dummy messages, so we can exercise - sending payloads during the sync. - """ - deferreds = [] - for index in xrange(NUMDOCS): - deferreds.append(soledad.create_doc({'payload': 'dummy'})) - return defer.gatherResults(deferreds) - -# main program - -if __name__ == '__main__': - - tempdir = tempfile.mkdtemp() - - def rm_tempdir(): - shutil.rmtree(tempdir) - - if len(sys.argv) < 6: - bail(USAGE, 2) - - uuid, token, server, cert_file, passphrase = sys.argv[1:] - s = get_soledad_instance( - uuid, passphrase, tempdir, server, cert_file, token) - - def onSyncDone(sync_result): - print "SYNC_RESULT:", sync_result - s.close() - rm_tempdir() - reactor.stop() - - def log_and_exit(f): - log.err(f) - rm_tempdir() - reactor.stop() - - def start_sync(): - d = create_docs(s) - d.addCallback(lambda _: s.sync()) - d.addCallback(onSyncDone) - d.addErrback(log_and_exit) - - reactor.callWhenRunning(start_sync) - reactor.run() diff --git a/tests/helpers/srp_helper.rb b/tests/helpers/srp_helper.rb deleted file mode 100644 index b30fa768..00000000 --- a/tests/helpers/srp_helper.rb +++ /dev/null @@ -1,171 +0,0 @@ -# -# Here are some very stripped down helper methods for SRP, useful only for -# testing the client side. -# - -require 'digest' -require 'openssl' -require 'securerandom' -require 'base64' - -module SRP - - ## - ## UTIL - ## - - module Util - PRIME_N = <<-EOS.split.join.hex -115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3 - EOS - BIG_PRIME_N = <<-EOS.split.join.hex # 1024 bits modulus (N) -eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c25657 -6d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089da -d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5 -7ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb -06e3 - EOS - GENERATOR = 2 # g - - def hn_xor_hg - byte_xor_hex(sha256_int(BIG_PRIME_N), sha256_int(GENERATOR)) - end - - # a^n (mod m) - def modpow(a, n, m = BIG_PRIME_N) - r = 1 - while true - r = r * a % m if n[0] == 1 - n >>= 1 - return r if n == 0 - a = a * a % m - end - end - - # Hashes the (long) int args - def sha256_int(*args) - sha256_hex(*args.map{|a| "%02x" % a}) - end - - # Hashes the hex args - def sha256_hex(*args) - h = args.map{|a| a.length.odd? ? "0#{a}" : a }.join('') - sha256_str([h].pack('H*')) - end - - def sha256_str(s) - Digest::SHA2.hexdigest(s) - end - - def bigrand(bytes) - OpenSSL::Random.random_bytes(bytes).unpack("H*")[0] - end - - def multiplier - @muliplier ||= calculate_multiplier - end - - protected - - def calculate_multiplier - sha256_int(BIG_PRIME_N, GENERATOR).hex - end - - def byte_xor_hex(a, b) - a = [a].pack('H*') - b = [b].pack('H*') - a.bytes.each_with_index.map do |a_byte, i| - (a_byte ^ (b[i].ord || 0)).chr - end.join - end - end - - ## - ## SESSION - ## - - class Session - include SRP::Util - attr_accessor :user - attr_accessor :bb - - def initialize(user, aa=nil) - @user = user - @a = bigrand(32).hex - end - - def m - @m ||= sha256_hex(n_xor_g_long, login_hash, @user.salt.to_s(16), aa, bb, k) - end - - def aa - @aa ||= modpow(GENERATOR, @a).to_s(16) # A = g^a (mod N) - end - - protected - - # client: K = H( (B - kg^x) ^ (a + ux) ) - def client_secret - base = bb.hex - base -= modpow(GENERATOR, @user.private_key) * multiplier - base = base % BIG_PRIME_N - modpow(base, @user.private_key * u.hex + @a) - end - - def k - @k ||= sha256_int(client_secret) - end - - def n_xor_g_long - @n_xor_g_long ||= hn_xor_hg.bytes.map{|b| "%02x" % b.ord}.join - end - - def login_hash - @login_hash ||= sha256_str(@user.username) - end - - def u - @u ||= sha256_hex(aa, bb) - end - end - - ## - ## Dummy USER - ## - - class User - include SRP::Util - - attr_accessor :username, :password, :salt, :verifier, :id, :session_token, :ok, :deleted - - def initialize(username=nil) - @username = username || "tmp_user_" + SecureRandom.urlsafe_base64(10).downcase.gsub(/[_-]/, '') - @password = "password_" + SecureRandom.urlsafe_base64(10) - @salt = bigrand(4).hex - @verifier = modpow(GENERATOR, private_key) - @ok = false - @deleted = false - end - - def private_key - @private_key ||= calculate_private_key - end - - def to_params - { - 'user[login]' => @username, - 'user[password_verifier]' => @verifier.to_s(16), - 'user[password_salt]' => @salt.to_s(16) - } - end - - private - - def calculate_private_key - shex = '%x' % [@salt] - inner = sha256_str([@username, @password].join(':')) - sha256_hex(shex, inner).hex - end - end - -end diff --git a/tests/order.rb b/tests/order.rb deleted file mode 100644 index 14aad9be..00000000 --- a/tests/order.rb +++ /dev/null @@ -1,22 +0,0 @@ -class LeapCli::Config::Node - # - # returns a list of node names that should be tested before this node. - # make sure to not return ourselves (please no dependency loops!). - # - # NOTE: this method determines the order that nodes are tested in. To specify - # the order of tests on a particular node, each test can call class method - # LeapTest.depends_on(). - # - def test_dependencies - dependents = LeapCli::Config::ObjectList.new - - # webapp, mx, and soledad depend on couchdb nodes - if services.include?('webapp') || services.include?('mx') || services.include?('soledad') - if !services.include?('couchdb') - dependents.merge! nodes_like_me[:services => 'couchdb'] - end - end - - dependents.keys.delete_if {|name| self.name == name} - end -end \ No newline at end of file diff --git a/tests/server-tests/README.md b/tests/server-tests/README.md new file mode 100644 index 00000000..29db2e06 --- /dev/null +++ b/tests/server-tests/README.md @@ -0,0 +1,44 @@ +Tests for Server +--------------------------------- + +The tests in this directory are run against the servers of a live running +provider. + +Usage +--------------------------------- + +To run the tests from a local workstation: + + workstation$ cd + workstation$ leap test + +To run the tests from the server itself: + + workstation$ leap ssh servername + servername# run_tests + +Notes +--------------------------------- + +server-tests/white-box/ + + These tests are run on the server as superuser. They are for + troubleshooting any problems with the internal setup of the server. + +server-tests/black-box/ + + These test are run the user's local machine. They are for troubleshooting + any external problems with the service exposed by the server. + +Additional Files +--------------------------------- + +server-tests/helpers/ + + Utility functions made available to all tests. + +server-tests/order.rb + + Configuration file to specify which nodes should be tested in which order. + + diff --git a/tests/server-tests/helpers/bonafide_helper.rb b/tests/server-tests/helpers/bonafide_helper.rb new file mode 100644 index 00000000..5b886228 --- /dev/null +++ b/tests/server-tests/helpers/bonafide_helper.rb @@ -0,0 +1,235 @@ +# +# helper for the communication with the provider API for creating, authenticating, and deleting accounts. +# + +class LeapTest + + def assert_tmp_user + user = assert_create_user + assert_authenticate_user(user) + yield user if block_given? + assert_delete_user(user) + rescue StandardError, MiniTest::Assertion => exc + begin + assert_delete_user(user) + rescue + end + raise exc + end + + # + # attempts to create a user account via the API, + # returning the user object if successful. + # + def assert_create_user(username=nil, auth=nil) + user = SRP::User.new(username) + url = api_url("/users.json") + params = user.to_params + if auth + options = api_options(:auth => auth) + else + options = api_options + if property('webapp.invite_required') + @invite_code = generate_invite_code + params['user[invite_code]'] = @invite_code + end + end + + assert_post(url, params, options) do |body| + assert response = JSON.parse(body), 'response should be JSON' + assert response['ok'], "Creating a user should be successful, got #{response.inspect} instead." + user.ok = true + user.id = response['id'] + end + return user + end + + # TODO: use the api for this instead. + def generate_invite_code + `cd /srv/leap/webapp/ && sudo -u leap-webapp RAILS_ENV=production bundle exec rake generate_invites[1]`.gsub(/\n/, "") + end + + # + # attempts to authenticate user. if successful, + # user object is updated with id and session token. + # + def assert_authenticate_user(user) + url = api_url("/sessions.json") + session = SRP::Session.new(user) + params = {'login' => user.username, 'A' => session.aa} + assert_post(url, params, api_options) do |body, response| + cookie = response['Set-Cookie'].split(';').first + assert(response = JSON.parse(body), 'response should be JSON') + assert(session.bb = response["B"], 'response should include "B"') + url = api_url("/sessions/login.json") + params = {'client_auth' => session.m, 'A' => session.aa} + assert_put(url, params, api_options('Cookie' => cookie)) do |body| + assert(response = JSON.parse(body), 'response should be JSON') + assert(response['M2'], 'response should include M2') + user.session_token = response['token'] + user.id = response['id'] + assert(user.session_token, 'response should include token') + assert(user.id, 'response should include user id') + end + end + end + + # + # attempts to destroy a user account via the API. + # + def assert_delete_user(user) + if user.is_a? String + assert_delete_user_by_login(user) + elsif user.is_a? SRP::User + assert_delete_srp_user(user) + end + end + + # + # returns true if the identity exists, uses monitor token auth + # + def identity_exists?(address) + url = api_url("/identities/#{URI.encode(address)}.json") + options = {:ok_codes => [200, 404]}.merge( + api_options(:auth => :monitor) + ) + assert_get(url, nil, options) do |body, response| + return response.code == "200" + end + end + + def upload_public_key(user_id, public_key) + url = api_url("/users/#{user_id}.json") + params = {"user[public_key]" => public_key} + assert_put(url, params, api_options(:auth => :monitor)) + end + + # + # return user document as a Hash. uses monitor token auth + # + def find_user_by_id(user_id) + url = api_url("/users/#{user_id}.json") + assert_get(url, nil, api_options(:auth => :monitor)) do |body| + return JSON.parse(body) + end + end + + # + # return user document as a Hash. uses monitor token auth + # NOTE: this relies on deprecated behavior of the API + # and will not work when multi-domain support is added. + # + def find_user_by_login(login) + url = api_url("/users/0.json?login=#{login}") + options = {:ok_codes => [200, 404]}.merge( + api_options(:auth => :monitor) + ) + assert_get(url, nil, options) do |body, response| + if response.code == "200" + return JSON.parse(body) + else + return nil + end + end + end + + private + + def api_url(path) + unless path =~ /^\// + path = '/' + path + end + if property('testing.api_uri') + return property('testing.api_uri') + path + elsif property('api') + api = property('api') + return "https://%{domain}:%{port}/%{version}#{path}" % { + :domain => api['domain'], + :port => api['port'], + :version => api['version'] || 1 + } + else + fail 'This node needs to have either testing.api_url or api.{domain,port} configured.' + end + end + + # + # produces an options hash used for api http requests. + # + # argument options hash gets added to "headers" + # of the http request. + # + # special :auth key in argument will expand to + # add api_token_auth header. + # + # if you want to try manually: + # + # export API_URI=`grep api_uri /etc/leap/hiera.yaml | cut -d\" -f2` + # export TOKEN=`grep monitor_auth_token /etc/leap/hiera.yaml | awk '{print $2}'` + # curl -H "Accept: application/json" -H "Token: $TOKEN" $API_URI + # + def api_options(options={}) + # note: must be :headers, not "headers" + hsh = { + :headers => { + "Accept" => "application/json" + } + } + if options[:auth] + hsh[:headers].merge!(api_token_auth(options.delete(:auth))) + end + hsh[:headers].merge!(options) + return hsh + end + + # + # add token authentication to a http request. + # + # returns a hash suitable for adding to the 'headers' option + # of an http function. + # + def api_token_auth(token) + if token.is_a?(Symbol) && property('testing') + if token == :monitor + token_str = property('testing.monitor_auth_token') + else + raise ArgumentError.new 'no such token' + end + else + token_str = token + end + {"Authorization" => "Token token=\"#{token_str}\""} + end + + # + # not actually used in any test, but useful when + # writing new tests. + # + def assert_delete_user_by_login(login_name) + user = find_user_by_login(login_name) + url = api_url("/users/#{user['id']}.json") + params = {:identities => 'destroy'} + delete(url, params, api_options(:auth => :monitor)) do |body, response, error| + assert error.nil?, "Error deleting user: #{error}" + assert response.code.to_i == 200, "Unable to delete user: HTTP response from API should have code 200, was #{response.code} #{error} #{body}" + assert(response = JSON.parse(body), 'Delete response should be JSON') + assert(response["success"], 'Deleting user should be a success') + end + end + + def assert_delete_srp_user(user) + if user && user.ok && user.id && user.session_token && !user.deleted + url = api_url("users/#{user.id}.json") + params = {:identities => 'destroy'} + user.deleted = true + delete(url, params, api_options(:auth => user.session_token)) do |body, response, error| + assert error.nil?, "Error deleting user: #{error}" + assert response.code.to_i == 200, "Unable to delete user: HTTP response from API should have code 200, was #{response.code} #{error} #{body}" + assert(response = JSON.parse(body), 'Delete response should be JSON') + assert(response["success"], 'Deleting user should be a success') + end + end + end + + +end diff --git a/tests/server-tests/helpers/client_side_db.py b/tests/server-tests/helpers/client_side_db.py new file mode 100644 index 00000000..2f8c220f --- /dev/null +++ b/tests/server-tests/helpers/client_side_db.py @@ -0,0 +1,167 @@ +import logging +import os +import tempfile +import getpass +import binascii +import json + +try: + import requests + import srp._pysrp as srp +except ImportError: + pass + +from twisted.internet.defer import inlineCallbacks + +from leap.soledad.client import Soledad + + +""" +Helper functions to give access to client-side Soledad database. +Copied over from soledad/scripts folder. +""" + +# create a logger +logger = logging.getLogger(__name__) + +# DEBUG: enable debug logs +# LOG_FORMAT = '%(asctime)s %(message)s' +# logging.basicConfig(format=LOG_FORMAT, level=logging.DEBUG) + + +safe_unhexlify = lambda x: binascii.unhexlify(x) if ( + len(x) % 2 == 0) else binascii.unhexlify('0' + x) + + +def _fail(reason): + logger.error('Fail: ' + reason) + exit(2) + + +def get_soledad_instance(uuid, passphrase, basedir, server_url, cert_file, + token): + # setup soledad info + logger.info('UUID is %s' % uuid) + logger.info('Server URL is %s' % server_url) + secrets_path = os.path.join( + basedir, '%s.secret' % uuid) + local_db_path = os.path.join( + basedir, '%s.db' % uuid) + # instantiate soledad + return Soledad( + uuid, + unicode(passphrase), + secrets_path=secrets_path, + local_db_path=local_db_path, + server_url=server_url, + cert_file=cert_file, + auth_token=token, + defer_encryption=True) + + +def _get_api_info(provider): + info = requests.get( + 'https://'+provider+'/provider.json', verify=False).json() + return info['api_uri'], info['api_version'] + + +def _login(username, passphrase, provider, api_uri, api_version): + usr = srp.User(username, passphrase, srp.SHA256, srp.NG_1024) + auth = None + try: + auth = _authenticate(api_uri, api_version, usr).json() + except requests.exceptions.ConnectionError: + _fail('Could not connect to server.') + if 'errors' in auth: + _fail(str(auth['errors'])) + return api_uri, api_version, auth + + +def _authenticate(api_uri, api_version, usr): + api_url = "%s/%s" % (api_uri, api_version) + session = requests.session() + uname, A = usr.start_authentication() + params = {'login': uname, 'A': binascii.hexlify(A)} + init = session.post( + api_url + '/sessions', data=params, verify=False).json() + if 'errors' in init: + _fail('test user not found') + M = usr.process_challenge( + safe_unhexlify(init['salt']), safe_unhexlify(init['B'])) + return session.put(api_url + '/sessions/' + uname, verify=False, + data={'client_auth': binascii.hexlify(M)}) + + +def _get_soledad_info(username, provider, passphrase, basedir): + api_uri, api_version = _get_api_info(provider) + auth = _login(username, passphrase, provider, api_uri, api_version) + # get soledad server url + service_url = '%s/%s/config/soledad-service.json' % \ + (api_uri, api_version) + soledad_hosts = requests.get(service_url, verify=False).json()['hosts'] + hostnames = soledad_hosts.keys() + # allow for choosing the host + host = hostnames[0] + if len(hostnames) > 1: + i = 1 + print "There are many available hosts:" + for h in hostnames: + print " (%d) %s.%s" % (i, h, provider) + i += 1 + choice = raw_input("Choose a host to use (default: 1): ") + if choice != '': + host = hostnames[int(choice) - 1] + server_url = 'https://%s:%d/user-%s' % \ + (soledad_hosts[host]['hostname'], soledad_hosts[host]['port'], + auth[2]['id']) + # get provider ca certificate + ca_cert = requests.get('https://%s/ca.crt' % provider, verify=False).text + cert_file = os.path.join(basedir, 'ca.crt') + with open(cert_file, 'w') as f: + f.write(ca_cert) + return auth[2]['id'], server_url, cert_file, auth[2]['token'] + + +def _get_passphrase(args): + passphrase = args.passphrase + if passphrase is None: + passphrase = getpass.getpass( + 'Password for %s@%s: ' % (args.username, args.provider)) + return passphrase + + +def _get_basedir(args): + basedir = args.basedir + if basedir is None: + basedir = tempfile.mkdtemp() + elif not os.path.isdir(basedir): + os.mkdir(basedir) + logger.info('Using %s as base directory.' % basedir) + return basedir + + +@inlineCallbacks +def _export_key(args, km, fname, private=False): + address = args.username + "@" + args.provider + pkey = yield km.get_key( + address, OpenPGPKey, private=private, fetch_remote=False) + with open(args.export_private_key, "w") as f: + f.write(pkey.key_data) + + +@inlineCallbacks +def _export_incoming_messages(soledad, directory): + yield soledad.create_index("by-incoming", "bool(incoming)") + docs = yield soledad.get_from_index("by-incoming", '1') + i = 1 + for doc in docs: + with open(os.path.join(directory, "message_%d.gpg" % i), "w") as f: + f.write(doc.content["_enc_json"]) + i += 1 + + +@inlineCallbacks +def _get_all_docs(soledad): + _, docs = yield soledad.get_all_docs() + for doc in docs: + print json.dumps(doc.content, indent=4) diff --git a/tests/server-tests/helpers/couchdb_helper.rb b/tests/server-tests/helpers/couchdb_helper.rb new file mode 100644 index 00000000..efb2c2bf --- /dev/null +++ b/tests/server-tests/helpers/couchdb_helper.rb @@ -0,0 +1,143 @@ +class LeapTest + + # + # generates a couchdb url for when couchdb is running + # remotely and is available via stunnel. + # + # example properties: + # + # stunnel: + # clients: + # couch_client: + # couch1_5984: + # accept_port: 4000 + # connect: couch1.bitmask.i + # connect_port: 15984 + # + def couchdb_urls_via_stunnel(path="", options=nil) + path = path.gsub('"', '%22') + if options && options[:username] && options[:password] + userpart = "%{username}:%{password}@" % options + else + userpart = "" + end + assert_property('stunnel.clients.couch_client').values.collect do |stunnel_conf| + assert port = stunnel_conf['accept_port'], 'Field `accept_port` must be present in `stunnel` property.' + URLString.new("http://#{userpart}localhost:#{port}#{path}").tap {|url| + remote_ip_address = TCPSocket.gethostbyname(stunnel_conf['connect']).last + url.memo = "(via stunnel to %s:%s, aka %s)" % [stunnel_conf['connect'], stunnel_conf['connect_port'], remote_ip_address] + } + end + end + + # + # generates a couchdb url for accessing couchdb via haproxy + # + # example properties: + # + # haproxy: + # couch: + # listen_port: 4096 + # servers: + # panda: + # backup: false + # host: localhost + # port: 4000 + # weight: 100 + # writable: true + # + def couchdb_url_via_haproxy(path="", options=nil) + path = path.gsub('"', '%22') + if options && options[:username] && options[:password] + userpart = "%{username}:%{password}@" % options + else + userpart = "" + end + port = assert_property('haproxy.couch.listen_port') + return URLString.new("http://#{userpart}localhost:#{port}#{path}").tap { |url| + url.memo = '(via haproxy)' + } + end + + # + # generates a couchdb url for when couchdb is running locally. + # + # example properties: + # + # couch: + # port: 5984 + # + def couchdb_url_via_localhost(path="", options=nil) + path = path.gsub('"', '%22') + port = (options && options[:port]) || assert_property('couch.port') + if options && options[:username] + password = property("couch.users.%{username}.password" % options) + userpart = "%s:%s@" % [options[:username], password] + else + userpart = "" + end + return URLString.new("http://#{userpart}localhost:#{port}#{path}").tap { |url| + url.memo = '(via direct localhost connection)' + } + end + + # + # returns a single url for accessing couchdb + # + def couchdb_url(path="", options=nil) + if property('couch.port') + couchdb_url_via_localhost(path, options) + elsif property('stunnel.clients.couch_client') + couchdb_urls_via_stunnel(path, options).first + end + end + + # + # returns an array of urls for accessing couchdb + # + def couchdb_urls(path="", options=nil) + if property('couch.port') + [couchdb_url_via_localhost(path, options)] + elsif property('stunnel.clients.couch_client') + couchdb_urls_via_stunnel(path, options) + end + end + + def assert_destroy_user_db(user_id, options=nil) + db_name = "user-#{user_id}" + url = couchdb_url("/#{db_name}", options) + http_options = {:ok_codes => [200, 404]} # ignore missing dbs + assert_delete(url, nil, http_options) + end + + def assert_create_user_db(user_id, options=nil) + db_name = "user-#{user_id}" + url = couchdb_url("/#{db_name}", options) + http_options = {:ok_codes => [200, 404]} # ignore missing dbs + assert_put(url, nil, :format => :json) do |body| + assert response = JSON.parse(body), "PUT response should be JSON" + assert response["ok"], "PUT response should be OK" + end + end + + # + # returns true if the per-user db created by soledad-server exists. + # + def user_db_exists?(user_id, options=nil) + options = {:username => 'admin'}.merge(options || {}) + db_name = "user-#{user_id}" + url = couchdb_url("/#{db_name}", options) + get(url) do |body, response, error| + if response.nil? + fail "could not query couchdb #{url}: #{error}\n#{body}" + elsif response.code.to_i == 200 + return true + elsif response.code.to_i == 404 + return false + else + fail ["could not query couchdb #{url}: expected response code 200 or 404, but got #{response.code}.", error, body].compact.join("\n") + end + end + end + +end \ No newline at end of file diff --git a/tests/server-tests/helpers/files_helper.rb b/tests/server-tests/helpers/files_helper.rb new file mode 100644 index 00000000..d6795889 --- /dev/null +++ b/tests/server-tests/helpers/files_helper.rb @@ -0,0 +1,54 @@ +class LeapTest + + # + # Matches the regexp in the file, and returns the first matched string (or fails if no match). + # + def file_match(filename, regexp) + if match = File.read(filename).match(regexp) + match.captures.first + else + fail "Regexp #{regexp.inspect} not found in file #{filename.inspect}." + end + end + + # + # Matches the regexp in the file, and returns array of matched strings (or fails if no match). + # + def file_matches(filename, regexp) + if match = File.read(filename).match(regexp) + match.captures + else + fail "Regexp #{regexp.inspect} not found in file #{filename.inspect}." + end + end + + # + # checks to make sure the given property path exists in $node (e.g. hiera.yaml) + # and returns the value + # + def assert_property(property) + latest = $node + property.split('.').each do |segment| + latest = latest[segment] + fail "Required node property `#{property}` is missing." if latest.nil? + end + return latest + end + + # + # a handy function to get the value of a long property path + # without needing to test the existance individually of each part + # in the tree. + # + # e.g. property("stunnel.clients.couch_client") + # + def property(property) + latest = $node + property.split('.').each do |segment| + latest = latest[segment] + return nil if latest.nil? + end + return latest + end + +end \ No newline at end of file diff --git a/tests/server-tests/helpers/http_helper.rb b/tests/server-tests/helpers/http_helper.rb new file mode 100644 index 00000000..0d0bb7d5 --- /dev/null +++ b/tests/server-tests/helpers/http_helper.rb @@ -0,0 +1,157 @@ +require 'net/http' + +class LeapTest + + # + # In order to easily provide detailed error messages, it is useful + # to append a memo to a url string that details what this url is for + # (e.g. stunnel, haproxy, etc). + # + # So, the url happens to be a UrlString, the memo field is used + # if there is an error in assert_get. + # + class URLString < String + attr_accessor :memo + end + + # + # aliases for http_send() + # + def get(url, params=nil, options=nil, &block) + http_send("GET", url, params, options, &block) + end + def delete(url, params=nil, options=nil, &block) + http_send("DELETE", url, params, options, &block) + end + def post(url, params=nil, options=nil, &block) + http_send("POST", url, params, options, &block) + end + def put(url, params=nil, options=nil, &block) + http_send("PUT", url, params, options, &block) + end + + # + # send a GET, DELETE, POST, or PUT + # yields |body, response, error| + # + def http_send(method, url, params=nil, options=nil) + options ||= {} + response = nil + + # build uri + uri = URI(url) + if params && (method == 'GET' || method == 'DELETE') + uri.query = URI.encode_www_form(params) + end + + # build http + http = Net::HTTP.new uri.host, uri.port + if uri.scheme == 'https' + http.verify_mode = OpenSSL::SSL::VERIFY_NONE + http.use_ssl = true + end + + # build request + request = build_request(method, uri, params, options) + + # make http request + http.start do |agent| + response = agent.request(request) + yield response.body, response, nil + end + rescue => exc + yield nil, response, exc + end + + # + # Aliases for assert_http_send() + # + def assert_get(url, params=nil, options=nil, &block) + assert_http_send("GET", url, params, options, &block) + end + def assert_delete(url, params=nil, options=nil, &block) + assert_http_send("DELETE", url, params, options, &block) + end + def assert_post(url, params=nil, options=nil, &block) + assert_http_send("POST", url, params, options, &block) + end + def assert_put(url, params=nil, options=nil, &block) + assert_http_send("PUT", url, params, options, &block) + end + + # + # calls http_send, yielding results if successful or failing with + # descriptive info otherwise. + # + # options: + # - error_msg: custom error message to display. + # - ok_codes: in addition to 2xx, codes in this array will not produce an error. + # + def assert_http_send(method, url, params=nil, options=nil, &block) + options ||= {} + error_msg = options[:error_msg] || (url.respond_to?(:memo) ? url.memo : nil) + http_send(method, url, params, options) do |body, response, error| + if response + code = response.code.to_i + ok = code >= 200 && code < 300 + if options[:ok_codes] + ok ||= options[:ok_codes].include?(code) + end + if ok + if block + yield(body) if block.arity == 1 + yield(body, response) if block.arity == 2 + yield(body, response, error) if block.arity == 3 + end + else + fail ["Expected success code from #{method} #{url}, but got #{response.code} instead.", error_msg, body].compact.join("\n") + end + else + fail ["Expected a response from #{method} #{url}, but got \"#{error}\" instead.", error_msg, body].compact.join("\n"), error + end + end + end + + # + # only a warning for now, should be a failure in the future + # + def assert_auth_fail(url, params) + uri = URI(url) + get(url, params) do |body, response, error| + unless response.code.to_s == "401" + warn "Expected a '401 Unauthorized' response, but got #{response.code} instead (GET #{uri.request_uri} with username '#{uri.user}')." + return false + end + end + true + end + + private + + def build_request(method, uri, params, options) + request = case method + when "GET" then Net::HTTP::Get.new(uri.request_uri) + when "DELETE" then Net::HTTP::Delete.new(uri.request_uri) + when "POST" then Net::HTTP::Post.new(uri.request_uri) + when "PUT" then Net::HTTP::Put.new(uri.request_uri) + end + if uri.user + request.basic_auth uri.user, uri.password + end + if params && (method == 'POST' || method == 'PUT') + if options[:format] == :json || options[:format] == 'json' + request["Content-Type"] = "application/json" + request.body = params.to_json + else + request.set_form_data(params) if params + end + end + if options[:headers] + options[:headers].each do |key, value| + request[key] = value + end + end + request + end + +end \ No newline at end of file diff --git a/tests/server-tests/helpers/network_helper.rb b/tests/server-tests/helpers/network_helper.rb new file mode 100644 index 00000000..713d57aa --- /dev/null +++ b/tests/server-tests/helpers/network_helper.rb @@ -0,0 +1,79 @@ +class LeapTest + + # + # tcp connection helper with timeout + # + def try_tcp_connect(host, port, timeout = 5) + addr = Socket.getaddrinfo(host, nil) + sockaddr = Socket.pack_sockaddr_in(port, addr[0][3]) + + Socket.new(Socket.const_get(addr[0][0]), Socket::SOCK_STREAM, 0).tap do |socket| + socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1) + begin + socket.connect_nonblock(sockaddr) + rescue IO::WaitReadable + if IO.select([socket], nil, nil, timeout) == nil + raise "Connection timeout" + else + socket.connect_nonblock(sockaddr) + end + rescue IO::WaitWritable + if IO.select(nil, [socket], nil, timeout) == nil + raise "Connection timeout" + else + socket.connect_nonblock(sockaddr) + end + end + return socket + end + end + + def try_tcp_write(socket, timeout = 5) + begin + socket.write_nonblock("\0") + rescue IO::WaitReadable + if IO.select([socket], nil, nil, timeout) == nil + raise "Write timeout" + else + retry + end + rescue IO::WaitWritable + if IO.select(nil, [socket], nil, timeout) == nil + raise "Write timeout" + else + retry + end + end + end + + def try_tcp_read(socket, timeout = 5) + begin + socket.read_nonblock(1) + rescue IO::WaitReadable + if IO.select([socket], nil, nil, timeout) == nil + raise "Read timeout" + else + retry + end + rescue IO::WaitWritable + if IO.select(nil, [socket], nil, timeout) == nil + raise "Read timeout" + else + retry + end + end + end + + def assert_tcp_socket(host, port, msg=nil) + begin + socket = try_tcp_connect(host, port, 1) + #try_tcp_write(socket,1) + #try_tcp_read(socket,1) + rescue StandardError => exc + fail ["Failed to open socket #{host}:#{port}", exc, msg].compact.join("\n") + ensure + socket.close if socket + end + end + +end \ No newline at end of file diff --git a/tests/server-tests/helpers/os_helper.rb b/tests/server-tests/helpers/os_helper.rb new file mode 100644 index 00000000..9923d5b1 --- /dev/null +++ b/tests/server-tests/helpers/os_helper.rb @@ -0,0 +1,41 @@ +class LeapTest + + # + # works like pgrep command line + # return an array of hashes like so [{:pid => "1234", :process => "ls"}] + # + def pgrep(match) + output = `pgrep --full --list-name '#{match}'` + output.each_line.map{|line| + pid = line.split(' ')[0] + process = line.gsub(/(#{pid} |\n)/, '') + # filter out pgrep cmd itself + # on wheezy hosts, the "process" var contains the whole cmd including all parameters + # on jessie hosts, it only contains the first cmd (which is the default sheel invoked by 'sh') + if process =~ /^sh/ + nil + else + {:pid => pid, :process => process} + end + }.compact + end + + def assert_running(process, options={}) + processes = pgrep(process) + assert processes.any?, "No running process for #{process}" + if options[:single] + assert processes.length == 1, "More than one process for #{process}" + end + end + + # + # runs the specified command, failing on a non-zero exit status. + # + def assert_run(command) + output = `#{command} 2>&1` + if $?.exitstatus != 0 + fail "Error running `#{command}`:\n#{output}" + end + end + +end \ No newline at end of file diff --git a/tests/server-tests/helpers/smtp_helper.rb b/tests/server-tests/helpers/smtp_helper.rb new file mode 100644 index 00000000..ea7fb9fa --- /dev/null +++ b/tests/server-tests/helpers/smtp_helper.rb @@ -0,0 +1,45 @@ +require 'net/smtp' + +class LeapTest + + TEST_EMAIL_USER = "test_user_email" + TEST_BAD_USER = "test_user_bad" + + MSG_BODY = %(Since it seems that any heart which beats for freedom has the right only to a +lump of lead, I too claim my share. If you let me live, I shall never stop +crying for revenge and I shall avenge my brothers. I have finished. If you are +not cowards, kill me! + +--Louise Michel) + + def send_email(recipient, options={}) + sender = options[:sender] || recipient + helo_domain = property('domain.full_suffix') + headers = { + "Date" => Time.now.utc, + "From" => sender, + "To" => recipient, + "Subject" => "Test Message", + "X-LEAP-TEST" => "true" + }.merge(options[:headers]||{}) + message = [] + headers.each do |key, value| + message << "#{key}: #{value}" + end + message << "" + message << MSG_BODY + Net::SMTP.start('localhost', 25, helo_domain) do |smtp| + smtp.send_message message.join("\n"), recipient, sender + end + end + + def assert_send_email(recipient, options={}) + begin + send_email(recipient, options) + rescue IOError, Net::OpenTimeout, + Net::ReadTimeout, Net::SMTPError => e + fail "Could not send mail to #{recipient} (#{e})" + end + end + +end \ No newline at end of file diff --git a/tests/server-tests/helpers/soledad_sync.py b/tests/server-tests/helpers/soledad_sync.py new file mode 100755 index 00000000..f4fc81ae --- /dev/null +++ b/tests/server-tests/helpers/soledad_sync.py @@ -0,0 +1,89 @@ +#!/usr/bin/env python +""" +soledad_sync.py + +This script exercises soledad synchronization. +Its exit code is 0 if the sync took place correctly, 1 otherwise. + +It takes 5 arguments: + + uuid: uuid of the user to sync + token: a valid session token + server: the url of the soledad server we should connect to + cert_file: the file containing the certificate for the CA that signed the + cert for the soledad server. + password: the password for the user to sync + +__author__: kali@leap.se +""" +import os +import shutil +import sys +import tempfile + +# This is needed because the twisted shipped with wheezy is too old +# to do proper ssl verification. +os.environ['SKIP_TWISTED_SSL_CHECK'] = '1' + +from twisted.internet import defer, reactor +from twisted.python import log + +from client_side_db import get_soledad_instance +from leap.common.events import flags + +flags.set_events_enabled(False) + +NUMDOCS = 1 +USAGE = "Usage: %s uuid token server cert_file password" % sys.argv[0] + + +def bail(msg, exitcode): + print "[!] %s" % msg + sys.exit(exitcode) + + +def create_docs(soledad): + """ + Populates the soledad database with dummy messages, so we can exercise + sending payloads during the sync. + """ + deferreds = [] + for index in xrange(NUMDOCS): + deferreds.append(soledad.create_doc({'payload': 'dummy'})) + return defer.gatherResults(deferreds) + +# main program + +if __name__ == '__main__': + + tempdir = tempfile.mkdtemp() + + def rm_tempdir(): + shutil.rmtree(tempdir) + + if len(sys.argv) < 6: + bail(USAGE, 2) + + uuid, token, server, cert_file, passphrase = sys.argv[1:] + s = get_soledad_instance( + uuid, passphrase, tempdir, server, cert_file, token) + + def onSyncDone(sync_result): + print "SYNC_RESULT:", sync_result + s.close() + rm_tempdir() + reactor.stop() + + def log_and_exit(f): + log.err(f) + rm_tempdir() + reactor.stop() + + def start_sync(): + d = create_docs(s) + d.addCallback(lambda _: s.sync()) + d.addCallback(onSyncDone) + d.addErrback(log_and_exit) + + reactor.callWhenRunning(start_sync) + reactor.run() diff --git a/tests/server-tests/helpers/srp_helper.rb b/tests/server-tests/helpers/srp_helper.rb new file mode 100644 index 00000000..b30fa768 --- /dev/null +++ b/tests/server-tests/helpers/srp_helper.rb @@ -0,0 +1,171 @@ +# +# Here are some very stripped down helper methods for SRP, useful only for +# testing the client side. +# + +require 'digest' +require 'openssl' +require 'securerandom' +require 'base64' + +module SRP + + ## + ## UTIL + ## + + module Util + PRIME_N = <<-EOS.split.join.hex +115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3 + EOS + BIG_PRIME_N = <<-EOS.split.join.hex # 1024 bits modulus (N) +eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c25657 +6d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089da +d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5 +7ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb +06e3 + EOS + GENERATOR = 2 # g + + def hn_xor_hg + byte_xor_hex(sha256_int(BIG_PRIME_N), sha256_int(GENERATOR)) + end + + # a^n (mod m) + def modpow(a, n, m = BIG_PRIME_N) + r = 1 + while true + r = r * a % m if n[0] == 1 + n >>= 1 + return r if n == 0 + a = a * a % m + end + end + + # Hashes the (long) int args + def sha256_int(*args) + sha256_hex(*args.map{|a| "%02x" % a}) + end + + # Hashes the hex args + def sha256_hex(*args) + h = args.map{|a| a.length.odd? ? "0#{a}" : a }.join('') + sha256_str([h].pack('H*')) + end + + def sha256_str(s) + Digest::SHA2.hexdigest(s) + end + + def bigrand(bytes) + OpenSSL::Random.random_bytes(bytes).unpack("H*")[0] + end + + def multiplier + @muliplier ||= calculate_multiplier + end + + protected + + def calculate_multiplier + sha256_int(BIG_PRIME_N, GENERATOR).hex + end + + def byte_xor_hex(a, b) + a = [a].pack('H*') + b = [b].pack('H*') + a.bytes.each_with_index.map do |a_byte, i| + (a_byte ^ (b[i].ord || 0)).chr + end.join + end + end + + ## + ## SESSION + ## + + class Session + include SRP::Util + attr_accessor :user + attr_accessor :bb + + def initialize(user, aa=nil) + @user = user + @a = bigrand(32).hex + end + + def m + @m ||= sha256_hex(n_xor_g_long, login_hash, @user.salt.to_s(16), aa, bb, k) + end + + def aa + @aa ||= modpow(GENERATOR, @a).to_s(16) # A = g^a (mod N) + end + + protected + + # client: K = H( (B - kg^x) ^ (a + ux) ) + def client_secret + base = bb.hex + base -= modpow(GENERATOR, @user.private_key) * multiplier + base = base % BIG_PRIME_N + modpow(base, @user.private_key * u.hex + @a) + end + + def k + @k ||= sha256_int(client_secret) + end + + def n_xor_g_long + @n_xor_g_long ||= hn_xor_hg.bytes.map{|b| "%02x" % b.ord}.join + end + + def login_hash + @login_hash ||= sha256_str(@user.username) + end + + def u + @u ||= sha256_hex(aa, bb) + end + end + + ## + ## Dummy USER + ## + + class User + include SRP::Util + + attr_accessor :username, :password, :salt, :verifier, :id, :session_token, :ok, :deleted + + def initialize(username=nil) + @username = username || "tmp_user_" + SecureRandom.urlsafe_base64(10).downcase.gsub(/[_-]/, '') + @password = "password_" + SecureRandom.urlsafe_base64(10) + @salt = bigrand(4).hex + @verifier = modpow(GENERATOR, private_key) + @ok = false + @deleted = false + end + + def private_key + @private_key ||= calculate_private_key + end + + def to_params + { + 'user[login]' => @username, + 'user[password_verifier]' => @verifier.to_s(16), + 'user[password_salt]' => @salt.to_s(16) + } + end + + private + + def calculate_private_key + shex = '%x' % [@salt] + inner = sha256_str([@username, @password].join(':')) + sha256_hex(shex, inner).hex + end + end + +end diff --git a/tests/server-tests/order.rb b/tests/server-tests/order.rb new file mode 100644 index 00000000..14aad9be --- /dev/null +++ b/tests/server-tests/order.rb @@ -0,0 +1,22 @@ +class LeapCli::Config::Node + # + # returns a list of node names that should be tested before this node. + # make sure to not return ourselves (please no dependency loops!). + # + # NOTE: this method determines the order that nodes are tested in. To specify + # the order of tests on a particular node, each test can call class method + # LeapTest.depends_on(). + # + def test_dependencies + dependents = LeapCli::Config::ObjectList.new + + # webapp, mx, and soledad depend on couchdb nodes + if services.include?('webapp') || services.include?('mx') || services.include?('soledad') + if !services.include?('couchdb') + dependents.merge! nodes_like_me[:services => 'couchdb'] + end + end + + dependents.keys.delete_if {|name| self.name == name} + end +end \ No newline at end of file diff --git a/tests/server-tests/white-box/couchdb.rb b/tests/server-tests/white-box/couchdb.rb new file mode 100644 index 00000000..44a2769b --- /dev/null +++ b/tests/server-tests/white-box/couchdb.rb @@ -0,0 +1,169 @@ +raise SkipTest unless service?(:couchdb) + +require 'json' + +class CouchDB < LeapTest + depends_on "Network" + + def setup + end + + def test_00_Are_daemons_running? + assert_running 'bin/beam' + if multimaster? + assert_running 'bin/epmd' + end + pass + end + + # + # check to make sure we can get welcome response from local couchdb + # + def test_01_Is_CouchDB_running? + assert_get(couchdb_url) do |body| + assert_match /"couchdb":"Welcome"/, body, "Could not get welcome message from #{couchdb_url}. Probably couchdb is not running." + end + pass + end + + # + # all configured nodes are in 'cluster_nodes' + # all nodes online and communicating are in 'all_nodes' + # + # this seems backward to me, so it might be the other way around. + # + def test_03_Are_configured_nodes_online? + return unless multimaster? + url = couchdb_url("/_membership", :username => 'admin') + assert_get(url) do |body| + response = JSON.parse(body) + nodes_configured_but_not_available = response['cluster_nodes'] - response['all_nodes'] + nodes_available_but_not_configured = response['all_nodes'] - response['cluster_nodes'] + if nodes_configured_but_not_available.any? + warn "These nodes are configured but not available:", nodes_configured_but_not_available + end + if nodes_available_but_not_configured.any? + warn "These nodes are available but not configured:", nodes_available_but_not_configured + end + if response['cluster_nodes'] == response['all_nodes'] + pass + end + end + end + + def test_04_Do_ACL_users_exist? + acl_users = ['_design/_auth', 'leap_mx', 'nickserver', 'soledad', 'webapp', 'replication'] + url = couchdb_backend_url("/_users/_all_docs", :username => 'admin') + assert_get(url) do |body| + response = JSON.parse(body) + assert_equal acl_users.count, response['total_rows'] + actual_users = response['rows'].map{|row| row['id'].sub(/^org.couchdb.user:/, '') } + assert_equal acl_users.sort, actual_users.sort + end + pass + end + + def test_05_Do_required_databases_exist? + dbs_that_should_exist = ["customers","identities","keycache","shared","tickets","users", "tmp_users"] + dbs_that_should_exist << "tokens_#{rotation_suffix}" + dbs_that_should_exist << "sessions_#{rotation_suffix}" + dbs_that_should_exist.each do |db_name| + url = couchdb_url("/"+db_name, :username => 'admin') + assert_get(url) do |body| + assert response = JSON.parse(body) + assert_equal db_name, response['db_name'] + end + end + pass + end + + # disable ACL enforcement, because it's a known issue with bigcouch + # and will only confuse the user + # see https://leap.se/code/issues/6030 for more details + # + ## for now, this just prints warnings, since we are failing these tests. + ## + + #def test_06_Is_ACL_enforced? + # ok = assert_auth_fail( + # couchdb_url('/users/_all_docs', :username => 'leap_mx'), + # {:limit => 1} + # ) + # ok = assert_auth_fail( + # couchdb_url('/users/_all_docs', :username => 'leap_mx'), + # {:limit => 1} + # ) && ok + # pass if ok + #end + + def test_07_Can_records_be_created? + record = DummyRecord.new + url = couchdb_url("/tokens_#{rotation_suffix}", :username => 'admin') + assert_post(url, record, :format => :json) do |body| + assert response = JSON.parse(body), "POST response should be JSON" + assert response["ok"], "POST response should be OK" + assert_delete(File.join(url, response["id"]), :rev => response["rev"]) do |body| + assert response = JSON.parse(body), "DELETE response should be JSON" + assert response["ok"], "DELETE response should be OK" + end + end + pass + end + + # + # This is not really a "test", just an attempt to make sure that + # the mx tests that fire off dummy emails don't fill up the + # storage db. + # + # mx tests can't run this because they don't have access to + # the storage db. + # + # This "test" is responsible for both creating the db if it does not + # exist, and destroying if it does. + # + # Yes, this is super hacky. Properly, we should add something to + # the soledad api to support create/delete of user storage dbs. + # + def test_99_Delete_mail_storage_used_in_mx_tests + user = find_user_by_login(TEST_EMAIL_USER) + if user + if user_db_exists?(user["id"]) + # keep the test email db from filling up: + assert_destroy_user_db(user["id"], :username => 'admin') + end + # either way, make sure we leave a db for the mx tests: + assert_create_user_db(user["id"], :username => 'admin') + end + silent_pass + end + + private + + def multimaster? + mode == "multimaster" + end + + def mode + assert_property('couch.mode') + end + + # TODO: admin port is hardcoded for now but should be configurable. + def couchdb_backend_url(path="", options={}) + options = {port: multimaster? && "5986"}.merge options + couchdb_url(path, options) + end + + def rotation_suffix + rotation_suffix = Time.now.utc.to_i / 2592000 # monthly + end + + require 'securerandom' + require 'digest/sha2' + class DummyRecord < Hash + def initialize + self['data'] = SecureRandom.urlsafe_base64(32).gsub(/^_*/, '') + self['_id'] = Digest::SHA512.hexdigest(self['data']) + end + end + +end diff --git a/tests/server-tests/white-box/dummy.rb b/tests/server-tests/white-box/dummy.rb new file mode 100644 index 00000000..a3e8ad68 --- /dev/null +++ b/tests/server-tests/white-box/dummy.rb @@ -0,0 +1,71 @@ +# only run in the dummy case where there is no hiera.yaml file. +raise SkipTest unless $node["dummy"] + +class Robot + def can_shoot_lasers? + "OHAI!" + end + + def can_fly? + "YES!" + end +end + +class TestDummy < LeapTest + def setup + @robot = Robot.new + end + + def test_lasers + assert_equal "OHAI!", @robot.can_shoot_lasers? + pass + end + + def test_fly + refute_match /^no/i, @robot.can_fly? + pass + end + + def test_fail + fail "fail" + pass + end + + def test_01_will_be_skipped + skip "test this later" + pass + end + + def test_socket_failure + assert_tcp_socket('localhost', 900000) + pass + end + + def test_warn + block_test do + warn "not everything", "is a success or failure" + end + end + + # used to test extracting the proper caller even when in a block + def block_test + yield + end + + def test_socket_success + fork { + Socket.tcp_server_loop('localhost', 12345) do |sock, client_addrinfo| + begin + sock.write('hi') + ensure + sock.close + exit + end + end + } + sleep 0.2 + assert_tcp_socket('localhost', 12345) + pass + end + +end diff --git a/tests/server-tests/white-box/mx.rb b/tests/server-tests/white-box/mx.rb new file mode 100644 index 00000000..0eeaacd0 --- /dev/null +++ b/tests/server-tests/white-box/mx.rb @@ -0,0 +1,271 @@ +raise SkipTest unless service?(:mx) + +require 'date' +require 'json' +require 'net/smtp' + +class Mx < LeapTest + depends_on "Network" + depends_on "Webapp" if service?(:webapp) + + def setup + end + + def test_01_Can_contact_couchdb? + dbs = ["identities"] + dbs.each do |db_name| + couchdb_urls("/"+db_name, couch_url_options).each do |url| + assert_get(url) do |body| + assert response = JSON.parse(body) + assert_equal db_name, response['db_name'] + end + end + end + pass + end + + def test_02_Can_contact_couchdb_via_haproxy? + if property('haproxy.couch') + url = couchdb_url_via_haproxy("", couch_url_options) + assert_get(url) do |body| + assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message." + end + pass + end + end + + # + # this test picks a random identity document, then queries + # using the by_address view for that same document again. + # + def test_03_Can_query_identities_db? + ident = pick_random_identity + address = ident['address'] + url_base = %(/identities/_design/Identity/_view/by_address) + params = %(?include_docs=true&reduce=false&startkey="#{address}"&endkey="#{address}") + assert_get(couchdb_url(url_base+params, couch_url_options)) do |body| + assert response = JSON.parse(body) + assert record = response['rows'].first + assert_equal address, record['doc']['address'] + pass + end + end + + def test_04_Are_MX_daemons_running? + assert_running '.*/usr/bin/twistd.*mx.tac' + assert_running '^/usr/lib/postfix/master$' + assert_running '^/usr/sbin/postfwd' + assert_running 'postfwd2::cache$' + assert_running 'postfwd2::policy$' + assert_running '^/usr/sbin/unbound$' + assert_running '^/usr/bin/freshclam' + assert_running '^/usr/sbin/opendkim' + if Dir.glob("/var/lib/clamav/main.{c[vl]d,inc}").size > 0 and Dir.glob("/var/lib/clamav/daily.{c[vl]d,inc}").size > 0 + assert_running '^/usr/sbin/clamd' + assert_running '^/usr/sbin/clamav-milter' + pass + else + skip "Downloading the clamav signature files (/var/lib/clamav/{daily,main}.{c[vl]d,inc}) is still in progress, so clamd is not running." + end + end + + # + # TODO: test to make sure postmap returned the right result + # + def test_05_Can_postfix_query_leapmx? + ident = pick_random_identity(10, :with_public_key => true) + address = ident["address"] + + # + # virtual alias map: + # + # user@domain => 41c29a80a44f4775513c64ac9cab91b9@deliver.local + # + assert_run("postmap -v -q \"#{address}\" tcp:localhost:4242") + + # + # recipient access map: + # + # user@domain => [OK|REJECT|TEMP_FAIL] + # + # This map is queried by the mail server before delivery to the mail spool + # directory, and should check if the address is able to receive messages. + # Examples of reasons for denying delivery would be that the user is out of + # quota, is user, or have no pgp public key in the server. + # + # NOTE: in the future, when we support quota, we need to make sure that + # we don't randomly pick a user for this test that happens to be over quota. + # + assert_run("postmap -v -q \"#{address}\" tcp:localhost:2244") + + # + # certificate validity map: + # + # fa:2a:70:1f:d8:16:4e:1a:3b:15:c1:67:00:f0 => [200|500] + # + # Determines whether a particular SMTP client cert is authorized + # to relay mail, based on the fingerprint. + # + if ident["cert_fingerprints"] + not_expired = ident["cert_fingerprints"].select {|key, value| + Time.now.utc < DateTime.strptime("2016-01-03", "%F").to_time.utc + } + if not_expired.any? + fingerprint = not_expired.first + assert_run("postmap -v -q #{fingerprint} tcp:localhost:2424") + end + end + + pass + end + + # + # The email sent by this test might get bounced back. + # In this case, the test will pass, but the bounce message will + # get sent to root, so the sysadmin will still figure out pretty + # quickly that something is wrong. + # + def test_05_Can_deliver_email? + if pgrep('^/usr/sbin/clamd').empty? || pgrep('^/usr/sbin/clamav-milter').empty? + skip "Mail delivery is being deferred because clamav daemon is not running" + else + addr = [TEST_EMAIL_USER, property('domain.full_suffix')].join('@') + bad_addr = [TEST_BAD_USER, property('domain.full_suffix')].join('@') + + assert !identity_exists?(bad_addr), "the address #{bad_addr} must not exist." + if !identity_exists?(addr) + user = assert_create_user(TEST_EMAIL_USER, :monitor) + upload_public_key(user.id, TEST_EMAIL_PUBLIC_KEY) + end + assert identity_exists?(addr), "The identity #{addr} should have been created, but it doesn't exist yet." + assert_send_email(addr) + assert_raises(Net::SMTPError) do + send_email(bad_addr) + end + pass + end + end + + private + + def couch_url_options + { + :username => property('couchdb_leap_mx_user.username'), + :password => property('couchdb_leap_mx_user.password') + } + end + + # + # returns a random identity record that also has valid address + # and destination fields. + # + # options: + # + # * :with_public_key -- searches only for identities with public keys + # + # note to self: for debugging, here is the curl you want: + # curl --netrc "127.0.0.1:5984/identities/_design/Identity/_view/by_address?startkey=\"xxxx@leap.se\"&endkey=\"xxxx@leap.se\"&reduce=false&include_docs=true" + # + def pick_random_identity(tries=5, options={}) + assert_get(couchdb_url("/identities", couch_url_options)) do |body| + assert response = JSON.parse(body) + doc_count = response['doc_count'].to_i + if doc_count <= 1 + # the design document counts as one document. + skip "There are no identity documents yet." + else + # try repeatedly to get a valid doc + for i in 1..tries + offset = rand(doc_count) # pick a random document + url = couchdb_url("/identities/_all_docs?include_docs=true&limit=1&skip=#{offset}", couch_url_options) + assert_get(url) do |body| + assert response = JSON.parse(body) + record = response['rows'].first + if record['id'] =~ /_design/ + next + elsif record['doc'] && record['doc']['address'] + next if record['doc']['destination'].nil? || record['doc']['destination'].empty? + next if options[:with_public_key] && !record_has_key?(record) + return record['doc'] + else + fail "Identity document #{record['id']} is missing an address field. #{record['doc'].inspect}" + end + end + end + if options[:with_public_key] + skip "Could not find an Identity document with a public key for testing." + else + fail "Failed to find a valid Identity document (with address and destination)." + end + end + end + end + + def record_has_key?(record) + !record['doc']['keys'].nil? && + !record['doc']['keys'].empty? && + !record['doc']['keys']['pgp'].nil? && + !record['doc']['keys']['pgp'].empty? + end + + TEST_EMAIL_PUBLIC_KEY=< 7 + # on jessie, there is only one stunnel proc running instead of 6 + expected = 1 + else + expected = 6 + end + $node['stunnel']['clients'].each do |stunnel_type, stunnel_configs| + stunnel_configs.each do |stunnel_name, stunnel_conf| + config_file_name = "/etc/stunnel/#{stunnel_name}.conf" + processes = pgrep(config_file_name) + assert_equal expected, processes.length, "There should be #{expected} stunnel processes running for `#{config_file_name}`" + good_stunnel_pids += processes.map{|ps| ps[:pid]} + assert port = stunnel_conf['accept_port'], 'Field `accept_port` must be present in `stunnel` property.' + assert_tcp_socket('localhost', port) + end + end + $node['stunnel']['servers'].each do |stunnel_name, stunnel_conf| + config_file_name = "/etc/stunnel/#{stunnel_name}.conf" + processes = pgrep(config_file_name) + assert_equal expected, processes.length, "There should be #{expected} stunnel processes running for `#{config_file_name}`" + good_stunnel_pids += processes.map{|ps| ps[:pid]} + assert accept_port = stunnel_conf['accept_port'], "Field `accept` must be present in property `stunnel.servers.#{stunnel_name}`" + assert_tcp_socket('localhost', accept_port) + assert connect_port = stunnel_conf['connect_port'], "Field `connect` must be present in property `stunnel.servers.#{stunnel_name}`" + assert_tcp_socket('localhost', connect_port, + "The local connect endpoint for stunnel `#{stunnel_name}` is unavailable.\n"+ + "This is probably caused by a daemon that died or failed to start on\n"+ + "port `#{connect_port}`, not stunnel itself.") + end + all_stunnel_pids = pgrep('/usr/bin/stunnel').collect{|process| process[:pid]}.uniq + assert_equal good_stunnel_pids.sort, all_stunnel_pids.sort, "There should not be any extra stunnel processes that are not configured in /etc/stunnel" + pass + end + + def test_03_Is_shorewall_running? + ignore unless File.exist?('/sbin/shorewall') + assert_run('/sbin/shorewall status') + pass + end + + THIRTY_DAYS = 60*60*24*30 + + def test_04_Are_server_certificates_valid? + cert_paths = ["/etc/x509/certs/leap_commercial.crt", "/etc/x509/certs/leap.crt"] + cert_paths.each do |cert_path| + if File.exist?(cert_path) + cert = OpenSSL::X509::Certificate.new(File.read(cert_path)) + if Time.now > cert.not_after + fail "The certificate #{cert_path} expired on #{cert.not_after}" + elsif Time.now + THIRTY_DAYS > cert.not_after + fail "The certificate #{cert_path} will expire soon, on #{cert.not_after}" + end + end + end + pass + end + +end diff --git a/tests/server-tests/white-box/openvpn.rb b/tests/server-tests/white-box/openvpn.rb new file mode 100644 index 00000000..170d4503 --- /dev/null +++ b/tests/server-tests/white-box/openvpn.rb @@ -0,0 +1,16 @@ +raise SkipTest unless service?(:openvpn) + +class OpenVPN < LeapTest + depends_on "Network" + + def setup + end + + def test_01_Are_daemons_running? + assert_running '^/usr/sbin/openvpn .* /etc/openvpn/tcp_config.conf$' + assert_running '^/usr/sbin/openvpn .* /etc/openvpn/udp_config.conf$' + assert_running '^/usr/sbin/unbound$' + pass + end + +end diff --git a/tests/server-tests/white-box/soledad.rb b/tests/server-tests/white-box/soledad.rb new file mode 100644 index 00000000..d41bee58 --- /dev/null +++ b/tests/server-tests/white-box/soledad.rb @@ -0,0 +1,17 @@ +raise SkipTest unless service?(:soledad) + +require 'json' + +class Soledad < LeapTest + depends_on "Network" + depends_on "CouchDB" if service?(:couchdb) + + def setup + end + + def test_00_Is_Soledad_running? + assert_running '.*/usr/bin/twistd.*--wsgi=leap.soledad.server.application' + pass + end + +end diff --git a/tests/server-tests/white-box/webapp.rb b/tests/server-tests/white-box/webapp.rb new file mode 100644 index 00000000..40c234d6 --- /dev/null +++ b/tests/server-tests/white-box/webapp.rb @@ -0,0 +1,114 @@ +raise SkipTest unless service?(:webapp) + +require 'json' + +class Webapp < LeapTest + depends_on "Network" + + def setup + end + + def test_01_Can_contact_couchdb? + url = couchdb_url("", url_options) + assert_get(url) do |body| + assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message." + end + pass + end + + def test_02_Can_contact_couchdb_via_haproxy? + if property('haproxy.couch') + url = couchdb_url_via_haproxy("", url_options) + assert_get(url) do |body| + assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message." + end + pass + end + end + + def test_03_Are_daemons_running? + assert_running '^/usr/sbin/apache2' + assert_running '^/usr/bin/ruby /usr/bin/nickserver' + pass + end + + # + # this is technically a black-box test. so, move this when we have support + # for black box tests. + # + def test_04_Can_access_webapp? + assert_get('https://' + $node['webapp']['domain'] + '/') + pass + end + + def test_05_Can_create_and_authenticate_and_delete_user_via_API? + if property('webapp.allow_registration') + assert_tmp_user + pass + else + skip "New user registrations are disabled." + end + end + + def test_06_Can_sync_Soledad? + return unless property('webapp.allow_registration') + soledad_config = property('definition_files.soledad_service') + if soledad_config && !soledad_config.empty? + soledad_server = pick_soledad_server(soledad_config) + if soledad_server + assert_tmp_user do |user| + command = File.expand_path "../../helpers/soledad_sync.py", __FILE__ + soledad_url = "https://#{soledad_server}/user-#{user.id}" + soledad_cert = "/usr/local/share/ca-certificates/leap_ca.crt" + assert_run "#{command} #{user.id} #{user.session_token} #{soledad_url} #{soledad_cert} #{user.password}" + assert_user_db_privileges(user) + pass + end + end + else + skip 'No soledad service configuration' + end + end + + private + + def url_options + { + :username => property('webapp.couchdb_webapp_user.username'), + :password => property('webapp.couchdb_webapp_user.password') + } + end + + # + # pick a random soledad server. + # I am not sure why, but using IP address directly does not work. + # + def pick_soledad_server(soledad_config_json_str) + soledad_config = JSON.parse(soledad_config_json_str) + host_name = soledad_config['hosts'].keys.shuffle.first + if host_name + hostname = soledad_config['hosts'][host_name]['hostname'] + port = soledad_config['hosts'][host_name]['port'] + return "#{hostname}:#{port}" + else + return nil + end + end + + # + # checks if user db exists and is properly protected + # + def assert_user_db_privileges(user) + db_name = "/user-#{user.id}" + get(couchdb_url(db_name)) do |body, response, error| + code = response.code.to_i + assert code != 404, "Could not find user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" + # After moving to couchdb, webapp user is not allowed to Read user dbs, + # but the return code for non-existent databases is 404. See #7674 + # 401 should come as we aren't supposed to have read privileges on it. + assert code != 200, "Incorrect security settings (design doc) on user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" + assert code == 401, "Unknown error on user db on user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" + end + end + +end diff --git a/tests/white-box/couchdb.rb b/tests/white-box/couchdb.rb deleted file mode 100644 index 44a2769b..00000000 --- a/tests/white-box/couchdb.rb +++ /dev/null @@ -1,169 +0,0 @@ -raise SkipTest unless service?(:couchdb) - -require 'json' - -class CouchDB < LeapTest - depends_on "Network" - - def setup - end - - def test_00_Are_daemons_running? - assert_running 'bin/beam' - if multimaster? - assert_running 'bin/epmd' - end - pass - end - - # - # check to make sure we can get welcome response from local couchdb - # - def test_01_Is_CouchDB_running? - assert_get(couchdb_url) do |body| - assert_match /"couchdb":"Welcome"/, body, "Could not get welcome message from #{couchdb_url}. Probably couchdb is not running." - end - pass - end - - # - # all configured nodes are in 'cluster_nodes' - # all nodes online and communicating are in 'all_nodes' - # - # this seems backward to me, so it might be the other way around. - # - def test_03_Are_configured_nodes_online? - return unless multimaster? - url = couchdb_url("/_membership", :username => 'admin') - assert_get(url) do |body| - response = JSON.parse(body) - nodes_configured_but_not_available = response['cluster_nodes'] - response['all_nodes'] - nodes_available_but_not_configured = response['all_nodes'] - response['cluster_nodes'] - if nodes_configured_but_not_available.any? - warn "These nodes are configured but not available:", nodes_configured_but_not_available - end - if nodes_available_but_not_configured.any? - warn "These nodes are available but not configured:", nodes_available_but_not_configured - end - if response['cluster_nodes'] == response['all_nodes'] - pass - end - end - end - - def test_04_Do_ACL_users_exist? - acl_users = ['_design/_auth', 'leap_mx', 'nickserver', 'soledad', 'webapp', 'replication'] - url = couchdb_backend_url("/_users/_all_docs", :username => 'admin') - assert_get(url) do |body| - response = JSON.parse(body) - assert_equal acl_users.count, response['total_rows'] - actual_users = response['rows'].map{|row| row['id'].sub(/^org.couchdb.user:/, '') } - assert_equal acl_users.sort, actual_users.sort - end - pass - end - - def test_05_Do_required_databases_exist? - dbs_that_should_exist = ["customers","identities","keycache","shared","tickets","users", "tmp_users"] - dbs_that_should_exist << "tokens_#{rotation_suffix}" - dbs_that_should_exist << "sessions_#{rotation_suffix}" - dbs_that_should_exist.each do |db_name| - url = couchdb_url("/"+db_name, :username => 'admin') - assert_get(url) do |body| - assert response = JSON.parse(body) - assert_equal db_name, response['db_name'] - end - end - pass - end - - # disable ACL enforcement, because it's a known issue with bigcouch - # and will only confuse the user - # see https://leap.se/code/issues/6030 for more details - # - ## for now, this just prints warnings, since we are failing these tests. - ## - - #def test_06_Is_ACL_enforced? - # ok = assert_auth_fail( - # couchdb_url('/users/_all_docs', :username => 'leap_mx'), - # {:limit => 1} - # ) - # ok = assert_auth_fail( - # couchdb_url('/users/_all_docs', :username => 'leap_mx'), - # {:limit => 1} - # ) && ok - # pass if ok - #end - - def test_07_Can_records_be_created? - record = DummyRecord.new - url = couchdb_url("/tokens_#{rotation_suffix}", :username => 'admin') - assert_post(url, record, :format => :json) do |body| - assert response = JSON.parse(body), "POST response should be JSON" - assert response["ok"], "POST response should be OK" - assert_delete(File.join(url, response["id"]), :rev => response["rev"]) do |body| - assert response = JSON.parse(body), "DELETE response should be JSON" - assert response["ok"], "DELETE response should be OK" - end - end - pass - end - - # - # This is not really a "test", just an attempt to make sure that - # the mx tests that fire off dummy emails don't fill up the - # storage db. - # - # mx tests can't run this because they don't have access to - # the storage db. - # - # This "test" is responsible for both creating the db if it does not - # exist, and destroying if it does. - # - # Yes, this is super hacky. Properly, we should add something to - # the soledad api to support create/delete of user storage dbs. - # - def test_99_Delete_mail_storage_used_in_mx_tests - user = find_user_by_login(TEST_EMAIL_USER) - if user - if user_db_exists?(user["id"]) - # keep the test email db from filling up: - assert_destroy_user_db(user["id"], :username => 'admin') - end - # either way, make sure we leave a db for the mx tests: - assert_create_user_db(user["id"], :username => 'admin') - end - silent_pass - end - - private - - def multimaster? - mode == "multimaster" - end - - def mode - assert_property('couch.mode') - end - - # TODO: admin port is hardcoded for now but should be configurable. - def couchdb_backend_url(path="", options={}) - options = {port: multimaster? && "5986"}.merge options - couchdb_url(path, options) - end - - def rotation_suffix - rotation_suffix = Time.now.utc.to_i / 2592000 # monthly - end - - require 'securerandom' - require 'digest/sha2' - class DummyRecord < Hash - def initialize - self['data'] = SecureRandom.urlsafe_base64(32).gsub(/^_*/, '') - self['_id'] = Digest::SHA512.hexdigest(self['data']) - end - end - -end diff --git a/tests/white-box/dummy.rb b/tests/white-box/dummy.rb deleted file mode 100644 index a3e8ad68..00000000 --- a/tests/white-box/dummy.rb +++ /dev/null @@ -1,71 +0,0 @@ -# only run in the dummy case where there is no hiera.yaml file. -raise SkipTest unless $node["dummy"] - -class Robot - def can_shoot_lasers? - "OHAI!" - end - - def can_fly? - "YES!" - end -end - -class TestDummy < LeapTest - def setup - @robot = Robot.new - end - - def test_lasers - assert_equal "OHAI!", @robot.can_shoot_lasers? - pass - end - - def test_fly - refute_match /^no/i, @robot.can_fly? - pass - end - - def test_fail - fail "fail" - pass - end - - def test_01_will_be_skipped - skip "test this later" - pass - end - - def test_socket_failure - assert_tcp_socket('localhost', 900000) - pass - end - - def test_warn - block_test do - warn "not everything", "is a success or failure" - end - end - - # used to test extracting the proper caller even when in a block - def block_test - yield - end - - def test_socket_success - fork { - Socket.tcp_server_loop('localhost', 12345) do |sock, client_addrinfo| - begin - sock.write('hi') - ensure - sock.close - exit - end - end - } - sleep 0.2 - assert_tcp_socket('localhost', 12345) - pass - end - -end diff --git a/tests/white-box/mx.rb b/tests/white-box/mx.rb deleted file mode 100644 index 0eeaacd0..00000000 --- a/tests/white-box/mx.rb +++ /dev/null @@ -1,271 +0,0 @@ -raise SkipTest unless service?(:mx) - -require 'date' -require 'json' -require 'net/smtp' - -class Mx < LeapTest - depends_on "Network" - depends_on "Webapp" if service?(:webapp) - - def setup - end - - def test_01_Can_contact_couchdb? - dbs = ["identities"] - dbs.each do |db_name| - couchdb_urls("/"+db_name, couch_url_options).each do |url| - assert_get(url) do |body| - assert response = JSON.parse(body) - assert_equal db_name, response['db_name'] - end - end - end - pass - end - - def test_02_Can_contact_couchdb_via_haproxy? - if property('haproxy.couch') - url = couchdb_url_via_haproxy("", couch_url_options) - assert_get(url) do |body| - assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message." - end - pass - end - end - - # - # this test picks a random identity document, then queries - # using the by_address view for that same document again. - # - def test_03_Can_query_identities_db? - ident = pick_random_identity - address = ident['address'] - url_base = %(/identities/_design/Identity/_view/by_address) - params = %(?include_docs=true&reduce=false&startkey="#{address}"&endkey="#{address}") - assert_get(couchdb_url(url_base+params, couch_url_options)) do |body| - assert response = JSON.parse(body) - assert record = response['rows'].first - assert_equal address, record['doc']['address'] - pass - end - end - - def test_04_Are_MX_daemons_running? - assert_running '.*/usr/bin/twistd.*mx.tac' - assert_running '^/usr/lib/postfix/master$' - assert_running '^/usr/sbin/postfwd' - assert_running 'postfwd2::cache$' - assert_running 'postfwd2::policy$' - assert_running '^/usr/sbin/unbound$' - assert_running '^/usr/bin/freshclam' - assert_running '^/usr/sbin/opendkim' - if Dir.glob("/var/lib/clamav/main.{c[vl]d,inc}").size > 0 and Dir.glob("/var/lib/clamav/daily.{c[vl]d,inc}").size > 0 - assert_running '^/usr/sbin/clamd' - assert_running '^/usr/sbin/clamav-milter' - pass - else - skip "Downloading the clamav signature files (/var/lib/clamav/{daily,main}.{c[vl]d,inc}) is still in progress, so clamd is not running." - end - end - - # - # TODO: test to make sure postmap returned the right result - # - def test_05_Can_postfix_query_leapmx? - ident = pick_random_identity(10, :with_public_key => true) - address = ident["address"] - - # - # virtual alias map: - # - # user@domain => 41c29a80a44f4775513c64ac9cab91b9@deliver.local - # - assert_run("postmap -v -q \"#{address}\" tcp:localhost:4242") - - # - # recipient access map: - # - # user@domain => [OK|REJECT|TEMP_FAIL] - # - # This map is queried by the mail server before delivery to the mail spool - # directory, and should check if the address is able to receive messages. - # Examples of reasons for denying delivery would be that the user is out of - # quota, is user, or have no pgp public key in the server. - # - # NOTE: in the future, when we support quota, we need to make sure that - # we don't randomly pick a user for this test that happens to be over quota. - # - assert_run("postmap -v -q \"#{address}\" tcp:localhost:2244") - - # - # certificate validity map: - # - # fa:2a:70:1f:d8:16:4e:1a:3b:15:c1:67:00:f0 => [200|500] - # - # Determines whether a particular SMTP client cert is authorized - # to relay mail, based on the fingerprint. - # - if ident["cert_fingerprints"] - not_expired = ident["cert_fingerprints"].select {|key, value| - Time.now.utc < DateTime.strptime("2016-01-03", "%F").to_time.utc - } - if not_expired.any? - fingerprint = not_expired.first - assert_run("postmap -v -q #{fingerprint} tcp:localhost:2424") - end - end - - pass - end - - # - # The email sent by this test might get bounced back. - # In this case, the test will pass, but the bounce message will - # get sent to root, so the sysadmin will still figure out pretty - # quickly that something is wrong. - # - def test_05_Can_deliver_email? - if pgrep('^/usr/sbin/clamd').empty? || pgrep('^/usr/sbin/clamav-milter').empty? - skip "Mail delivery is being deferred because clamav daemon is not running" - else - addr = [TEST_EMAIL_USER, property('domain.full_suffix')].join('@') - bad_addr = [TEST_BAD_USER, property('domain.full_suffix')].join('@') - - assert !identity_exists?(bad_addr), "the address #{bad_addr} must not exist." - if !identity_exists?(addr) - user = assert_create_user(TEST_EMAIL_USER, :monitor) - upload_public_key(user.id, TEST_EMAIL_PUBLIC_KEY) - end - assert identity_exists?(addr), "The identity #{addr} should have been created, but it doesn't exist yet." - assert_send_email(addr) - assert_raises(Net::SMTPError) do - send_email(bad_addr) - end - pass - end - end - - private - - def couch_url_options - { - :username => property('couchdb_leap_mx_user.username'), - :password => property('couchdb_leap_mx_user.password') - } - end - - # - # returns a random identity record that also has valid address - # and destination fields. - # - # options: - # - # * :with_public_key -- searches only for identities with public keys - # - # note to self: for debugging, here is the curl you want: - # curl --netrc "127.0.0.1:5984/identities/_design/Identity/_view/by_address?startkey=\"xxxx@leap.se\"&endkey=\"xxxx@leap.se\"&reduce=false&include_docs=true" - # - def pick_random_identity(tries=5, options={}) - assert_get(couchdb_url("/identities", couch_url_options)) do |body| - assert response = JSON.parse(body) - doc_count = response['doc_count'].to_i - if doc_count <= 1 - # the design document counts as one document. - skip "There are no identity documents yet." - else - # try repeatedly to get a valid doc - for i in 1..tries - offset = rand(doc_count) # pick a random document - url = couchdb_url("/identities/_all_docs?include_docs=true&limit=1&skip=#{offset}", couch_url_options) - assert_get(url) do |body| - assert response = JSON.parse(body) - record = response['rows'].first - if record['id'] =~ /_design/ - next - elsif record['doc'] && record['doc']['address'] - next if record['doc']['destination'].nil? || record['doc']['destination'].empty? - next if options[:with_public_key] && !record_has_key?(record) - return record['doc'] - else - fail "Identity document #{record['id']} is missing an address field. #{record['doc'].inspect}" - end - end - end - if options[:with_public_key] - skip "Could not find an Identity document with a public key for testing." - else - fail "Failed to find a valid Identity document (with address and destination)." - end - end - end - end - - def record_has_key?(record) - !record['doc']['keys'].nil? && - !record['doc']['keys'].empty? && - !record['doc']['keys']['pgp'].nil? && - !record['doc']['keys']['pgp'].empty? - end - - TEST_EMAIL_PUBLIC_KEY=< 7 - # on jessie, there is only one stunnel proc running instead of 6 - expected = 1 - else - expected = 6 - end - $node['stunnel']['clients'].each do |stunnel_type, stunnel_configs| - stunnel_configs.each do |stunnel_name, stunnel_conf| - config_file_name = "/etc/stunnel/#{stunnel_name}.conf" - processes = pgrep(config_file_name) - assert_equal expected, processes.length, "There should be #{expected} stunnel processes running for `#{config_file_name}`" - good_stunnel_pids += processes.map{|ps| ps[:pid]} - assert port = stunnel_conf['accept_port'], 'Field `accept_port` must be present in `stunnel` property.' - assert_tcp_socket('localhost', port) - end - end - $node['stunnel']['servers'].each do |stunnel_name, stunnel_conf| - config_file_name = "/etc/stunnel/#{stunnel_name}.conf" - processes = pgrep(config_file_name) - assert_equal expected, processes.length, "There should be #{expected} stunnel processes running for `#{config_file_name}`" - good_stunnel_pids += processes.map{|ps| ps[:pid]} - assert accept_port = stunnel_conf['accept_port'], "Field `accept` must be present in property `stunnel.servers.#{stunnel_name}`" - assert_tcp_socket('localhost', accept_port) - assert connect_port = stunnel_conf['connect_port'], "Field `connect` must be present in property `stunnel.servers.#{stunnel_name}`" - assert_tcp_socket('localhost', connect_port, - "The local connect endpoint for stunnel `#{stunnel_name}` is unavailable.\n"+ - "This is probably caused by a daemon that died or failed to start on\n"+ - "port `#{connect_port}`, not stunnel itself.") - end - all_stunnel_pids = pgrep('/usr/bin/stunnel').collect{|process| process[:pid]}.uniq - assert_equal good_stunnel_pids.sort, all_stunnel_pids.sort, "There should not be any extra stunnel processes that are not configured in /etc/stunnel" - pass - end - - def test_03_Is_shorewall_running? - ignore unless File.exist?('/sbin/shorewall') - assert_run('/sbin/shorewall status') - pass - end - - THIRTY_DAYS = 60*60*24*30 - - def test_04_Are_server_certificates_valid? - cert_paths = ["/etc/x509/certs/leap_commercial.crt", "/etc/x509/certs/leap.crt"] - cert_paths.each do |cert_path| - if File.exist?(cert_path) - cert = OpenSSL::X509::Certificate.new(File.read(cert_path)) - if Time.now > cert.not_after - fail "The certificate #{cert_path} expired on #{cert.not_after}" - elsif Time.now + THIRTY_DAYS > cert.not_after - fail "The certificate #{cert_path} will expire soon, on #{cert.not_after}" - end - end - end - pass - end - -end diff --git a/tests/white-box/openvpn.rb b/tests/white-box/openvpn.rb deleted file mode 100644 index 170d4503..00000000 --- a/tests/white-box/openvpn.rb +++ /dev/null @@ -1,16 +0,0 @@ -raise SkipTest unless service?(:openvpn) - -class OpenVPN < LeapTest - depends_on "Network" - - def setup - end - - def test_01_Are_daemons_running? - assert_running '^/usr/sbin/openvpn .* /etc/openvpn/tcp_config.conf$' - assert_running '^/usr/sbin/openvpn .* /etc/openvpn/udp_config.conf$' - assert_running '^/usr/sbin/unbound$' - pass - end - -end diff --git a/tests/white-box/soledad.rb b/tests/white-box/soledad.rb deleted file mode 100644 index d41bee58..00000000 --- a/tests/white-box/soledad.rb +++ /dev/null @@ -1,17 +0,0 @@ -raise SkipTest unless service?(:soledad) - -require 'json' - -class Soledad < LeapTest - depends_on "Network" - depends_on "CouchDB" if service?(:couchdb) - - def setup - end - - def test_00_Is_Soledad_running? - assert_running '.*/usr/bin/twistd.*--wsgi=leap.soledad.server.application' - pass - end - -end diff --git a/tests/white-box/webapp.rb b/tests/white-box/webapp.rb deleted file mode 100644 index 40c234d6..00000000 --- a/tests/white-box/webapp.rb +++ /dev/null @@ -1,114 +0,0 @@ -raise SkipTest unless service?(:webapp) - -require 'json' - -class Webapp < LeapTest - depends_on "Network" - - def setup - end - - def test_01_Can_contact_couchdb? - url = couchdb_url("", url_options) - assert_get(url) do |body| - assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message." - end - pass - end - - def test_02_Can_contact_couchdb_via_haproxy? - if property('haproxy.couch') - url = couchdb_url_via_haproxy("", url_options) - assert_get(url) do |body| - assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message." - end - pass - end - end - - def test_03_Are_daemons_running? - assert_running '^/usr/sbin/apache2' - assert_running '^/usr/bin/ruby /usr/bin/nickserver' - pass - end - - # - # this is technically a black-box test. so, move this when we have support - # for black box tests. - # - def test_04_Can_access_webapp? - assert_get('https://' + $node['webapp']['domain'] + '/') - pass - end - - def test_05_Can_create_and_authenticate_and_delete_user_via_API? - if property('webapp.allow_registration') - assert_tmp_user - pass - else - skip "New user registrations are disabled." - end - end - - def test_06_Can_sync_Soledad? - return unless property('webapp.allow_registration') - soledad_config = property('definition_files.soledad_service') - if soledad_config && !soledad_config.empty? - soledad_server = pick_soledad_server(soledad_config) - if soledad_server - assert_tmp_user do |user| - command = File.expand_path "../../helpers/soledad_sync.py", __FILE__ - soledad_url = "https://#{soledad_server}/user-#{user.id}" - soledad_cert = "/usr/local/share/ca-certificates/leap_ca.crt" - assert_run "#{command} #{user.id} #{user.session_token} #{soledad_url} #{soledad_cert} #{user.password}" - assert_user_db_privileges(user) - pass - end - end - else - skip 'No soledad service configuration' - end - end - - private - - def url_options - { - :username => property('webapp.couchdb_webapp_user.username'), - :password => property('webapp.couchdb_webapp_user.password') - } - end - - # - # pick a random soledad server. - # I am not sure why, but using IP address directly does not work. - # - def pick_soledad_server(soledad_config_json_str) - soledad_config = JSON.parse(soledad_config_json_str) - host_name = soledad_config['hosts'].keys.shuffle.first - if host_name - hostname = soledad_config['hosts'][host_name]['hostname'] - port = soledad_config['hosts'][host_name]['port'] - return "#{hostname}:#{port}" - else - return nil - end - end - - # - # checks if user db exists and is properly protected - # - def assert_user_db_privileges(user) - db_name = "/user-#{user.id}" - get(couchdb_url(db_name)) do |body, response, error| - code = response.code.to_i - assert code != 404, "Could not find user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" - # After moving to couchdb, webapp user is not allowed to Read user dbs, - # but the return code for non-existent databases is 404. See #7674 - # 401 should come as we aren't supposed to have read privileges on it. - assert code != 200, "Incorrect security settings (design doc) on user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" - assert code == 401, "Unknown error on user db on user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}" - end - end - -end -- cgit v1.2.3 From e6544ecc5a51ad6502a64bd08df71aa7ff75a3ee Mon Sep 17 00:00:00 2001 From: elijah Date: Mon, 29 Aug 2016 16:39:13 -0700 Subject: moved vagrant example provider to tests/example-provider --- tests/README.md | 29 +++++++ tests/example-provider/README.md | 8 ++ tests/example-provider/Vagrantfile | 58 ++++++++++++++ tests/example-provider/hiera.yaml | 6 ++ tests/example-provider/vagrant/add-pixelated.sh | 32 ++++++++ tests/example-provider/vagrant/configure-leap.sh | 92 ++++++++++++++++++++++ tests/example-provider/vagrant/install-platform.pp | 15 ++++ tests/example-provider/vagrant/vagrant.config | 23 ++++++ 8 files changed, 263 insertions(+) create mode 100644 tests/README.md create mode 100644 tests/example-provider/README.md create mode 100644 tests/example-provider/Vagrantfile create mode 100644 tests/example-provider/hiera.yaml create mode 100755 tests/example-provider/vagrant/add-pixelated.sh create mode 100755 tests/example-provider/vagrant/configure-leap.sh create mode 100755 tests/example-provider/vagrant/install-platform.pp create mode 100644 tests/example-provider/vagrant/vagrant.config (limited to 'tests') diff --git a/tests/README.md b/tests/README.md new file mode 100644 index 00000000..a3628495 --- /dev/null +++ b/tests/README.md @@ -0,0 +1,29 @@ +What is here? + +**server-tests/** + +These are the tests run on a provider's servers using the command: + + workstation$ leap test + +Or the command: + + server# run_tests + +These tests are to confirm that a provider's infrasture is working and to troubleshoot any possible problems. + +**example-provider/** + +Files to support the command: + + cd leap_platform/tests/example-provider + vagrant up + +For quick booting a pre-configured sample provider, running in a single virtual +machine. + +**platform-ci/** + +Continous integration tests run for the LEAP Platform. These tests are for the +platform code itself. + diff --git a/tests/example-provider/README.md b/tests/example-provider/README.md new file mode 100644 index 00000000..62cdc01a --- /dev/null +++ b/tests/example-provider/README.md @@ -0,0 +1,8 @@ +Here lies a script to generate a pre-configured provider using Vagrant virtual +machines. + +All you have to do is this: + + cd leap_platform/tests/example-provider + vagrant up + diff --git a/tests/example-provider/Vagrantfile b/tests/example-provider/Vagrantfile new file mode 100644 index 00000000..1e410f5e --- /dev/null +++ b/tests/example-provider/Vagrantfile @@ -0,0 +1,58 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + + # shared config for all boxes + + # make the leap_platform directory available as /srv/leap_platform + # inside the virtual machine. + config.vm.synced_folder "../..", "/srv/leap_platform" + + # Please verify the sha512 sum of the downloaded box before importing it into vagrant ! + # see https://leap.se/en/docs/platform/details/development#Verify.vagrantbox.download + # for details + config.vm.box = "LEAP/jessie" + + config.vm.provider "virtualbox" do |v| + v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] + v.name = "jessie" + v.memory = 1536 + end + + config.vm.provider "libvirt" do |v| + v.memory = 1536 + end + + # Fix annoying 'stdin: is not a tty' warning + # see http://foo-o-rama.com/vagrant--stdin-is-not-a-tty--fix.html + config.vm.provision "shell" do |s| + s.privileged = false + s.inline = "sudo sed -i '/tty/!s/mesg n/tty -s \\&\\& mesg n/' /root/.profile" + end + + config.vm.provision "puppet" do |puppet| + puppet.manifests_path = "./vagrant" + puppet.module_path = "../../puppet/modules" + puppet.manifest_file = "install-platform.pp" + puppet.options = "--verbose" + puppet.hiera_config_path = "./hiera.yaml" + end + config.vm.provision "shell", path: "vagrant/configure-leap.sh" + + config.ssh.username = "vagrant" + + # forward leap_web ports + config.vm.network "forwarded_port", guest: 443, host:4443 + # forward pixelated ports + config.vm.network "forwarded_port", guest: 8080, host:8080 + config.vm.network "forwarded_port", guest: 4430, host:4430 + + config.vm.define :"leap_platform", primary: true do |leap_vagrant| + end + + config.vm.define :"pixelated", autostart: false do |pixelated_vagrant| + pixelated_vagrant.vm.provision "shell", path: "vagrant/add-pixelated.sh" + end + +end diff --git a/tests/example-provider/hiera.yaml b/tests/example-provider/hiera.yaml new file mode 100644 index 00000000..3ff857b8 --- /dev/null +++ b/tests/example-provider/hiera.yaml @@ -0,0 +1,6 @@ +--- +:backends: yaml +:yaml: + :datadir: /var/lib/hiera +:hierarchy: common +:logger: console diff --git a/tests/example-provider/vagrant/add-pixelated.sh b/tests/example-provider/vagrant/add-pixelated.sh new file mode 100755 index 00000000..f9908947 --- /dev/null +++ b/tests/example-provider/vagrant/add-pixelated.sh @@ -0,0 +1,32 @@ +#!/bin/bash +# +# adds pixelated-server to the node + +. /vagrant/vagrant/vagrant.config + +cd "$PROVIDERDIR" + +if ! git submodule status files/puppet/modules/pixelated > /dev/null 2>&1; then + git submodule add https://github.com/pixelated/puppet-pixelated.git files/puppet/modules/pixelated +fi + +echo '{}' > services/pixelated.json +[ -d files/puppet/modules/custom/manifests ] || mkdir -p files/puppet/modules/custom/manifests +echo 'class custom { include ::pixelated}' > files/puppet/modules/custom/manifests/init.pp + +$LEAP $OPTS -v 2 deploy + +echo '===============================================' +echo 'testing the platform' +echo '===============================================' + +$LEAP $OPTS -v 2 test --continue + + +echo -e '\n===========================================================================================================\n\n' +echo -e 'You are now ready to use your vagrant Pixelated provider.\n' + +echo -e 'The LEAP webapp is available at https://localhost:4443. Use it to register an account before using the Pixelated Useragent.\n' +echo -e 'The Pixelated Useragent is available at https://localhost:8080\n' + +echo -e 'Please add an exception for both sites in your browser dialog to allow the self-signed certificate.\n' diff --git a/tests/example-provider/vagrant/configure-leap.sh b/tests/example-provider/vagrant/configure-leap.sh new file mode 100755 index 00000000..fd34d7ea --- /dev/null +++ b/tests/example-provider/vagrant/configure-leap.sh @@ -0,0 +1,92 @@ +#!/bin/bash + + +. /vagrant/vagrant/vagrant.config + +echo '===============================================' +echo 'configuring leap' +echo '===============================================' + +# purge $PROVIDERDIR so this script can be run multiple times +[ -e $PROVIDERDIR ] && rm -rf $PROVIDERDIR + +mkdir -p $PROVIDERDIR +chown ${USER}:${USER} ${PROVIDERDIR} +cd $PROVIDERDIR + +$LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform="$PLATFORMDIR" . +echo -e '\n@log = "./deploy.log"' >> Leapfile + +if [ ! -e /home/${USER}/.ssh/id_rsa ]; then + $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' + [ -d /root/.ssh ] || mkdir /root/.ssh + cat /home/${USER}/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys +fi + +$SUDO mkdir -p ${PROVIDERDIR}/files/nodes/${NODE} +sh -c "cat /etc/ssh/ssh_host_rsa_key.pub | cut -d' ' -f1,2 >> $PROVIDERDIR/files/nodes/$NODE/${NODE}_ssh.pub" +chown ${USER}:${USER} ${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub + +$LEAP $OPTS add-user --self +$LEAP $OPTS cert ca +$LEAP $OPTS cert csr +$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" couch.mode:plain services:"$services" tags:production +echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json + +$LEAP $OPTS compile + +$GIT init +$GIT add . +$GIT commit -m'configured provider' + +$LEAP $OPTS node init $NODE +if [ $? -eq 1 ]; then + echo 'node init failed' + exit 1 +fi + +# couchrest gem does currently not install on jessie +# https://leap.se/code/issues/7754 +# workaround is to install rake as gem +gem install rake + +$LEAP $OPTS -v 2 deploy + +$GIT add . +$GIT commit -m'initialized and deployed provider' + +# Vagrant: leap_mx fails to start on jessie +# https://leap.se/code/issues/7755 +# Workaround: we stop and start leap-mx after deploy and +# before testing + +service leap-mx stop +service leap-mx start + + + +echo '===============================================' +echo 'testing the platform' +echo '===============================================' + +$LEAP $OPTS -v 2 test --continue + +echo '===============================================' +echo 'setting node to demo-mode' +echo '===============================================' +postconf -e default_transport='error: in demo mode' + +# add users: testadmin and testuser with passwords "hallo123" +curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testuser&user%5Bpassword_salt%5D=7d4880237a038e0e&user%5Bpassword_verifier%5D=b98dc393afcd16e5a40fb57ce9cddfa6a978b84be326196627c111d426cada898cdaf3a6427e98b27daf4b0ed61d278bc856515aeceb2312e50c8f816659fcaa4460d839a1e2d7ffb867d32ac869962061368141c7571a53443d58dc84ca1fca34776894414c1090a93e296db6cef12c2cc3f7a991b05d49728ed358fd868286" +curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testadmin&user%5Bpassword_salt%5D=ece1c457014d8282&user%5Bpassword_verifier%5D=9654d93ab409edf4ff1543d07e08f321107c3fd00de05c646c637866a94f28b3eb263ea9129dacebb7291b3374cc6f0bf88eb3d231eb3a76eed330a0e8fd2a5c477ed2693694efc1cc23ae83c2ae351a21139701983dd595b6c3225a1bebd2a4e6122f83df87606f1a41152d9890e5a11ac3749b3bfcf4407fc83ef60b4ced68" + +echo -e '\n===========================================================================================================\n\n' +echo -e 'You are now ready to use your local LEAP provider.\n' +echo 'If you want to use the *Bitmask client* with your provider, please update your /etc/hosts with following dns overrides:' + +$LEAP list --print ip_address,domain.full,dns.aliases | sed 's/^.* //' | sed 's/, null//g' | tr -d '\]\[",' + +echo 'Please see https://leap.se/en/docs/platform/tutorials/vagrant#use-the-bitmask-client-to-do-an-initial-soledad-sync for more details how to use and test your LEAP provider.' +echo -e "\nIf you don't want to use the Bitmask client, please ignore the above instructions.\n" +echo -e 'The LEAP webapp is now available at https://localhost:4443\n' +echo -e 'Please add an exception in your browser dialog to allow the self-signed certificate.\n' diff --git a/tests/example-provider/vagrant/install-platform.pp b/tests/example-provider/vagrant/install-platform.pp new file mode 100755 index 00000000..223853c1 --- /dev/null +++ b/tests/example-provider/vagrant/install-platform.pp @@ -0,0 +1,15 @@ +class {'apt': } +Exec['update_apt'] -> Package <||> + +# install leap_cli from source, so it will work with the develop +# branch of leap_platform +class { '::leap::cli::install': + source => true, +} + +file { [ '/srv/leap', '/srv/leap/configuration', '/var/log/leap' ]: + ensure => directory +} + +# install prerequisites for configuring the provider +include ::git diff --git a/tests/example-provider/vagrant/vagrant.config b/tests/example-provider/vagrant/vagrant.config new file mode 100644 index 00000000..60d2a52c --- /dev/null +++ b/tests/example-provider/vagrant/vagrant.config @@ -0,0 +1,23 @@ +# provider config values used by vagrant provision scripts +provider_domain='example.org' +provider_name='Leap Example Provider' +contacts="no-reply@$provider_domain" + +# serivces that get configured +# note that the "openvpn" service does currently *not* work +# in a vagrant setup, +# see https://leap.se/en/docs/platform/troubleshooting/known-issues#Special.Environments +# to speed up things, don't deploy monitor service by default +# services='webapp,mx,couchdb,soledad,monitor' +services='webapp,mx,couchdb,soledad' + +# default vars used by vagrant provision scripts +OPTS='' +USER='vagrant' +NODE='node1' +SUDO="sudo -u ${USER}" +PROVIDERDIR="/home/${USER}/leap/configuration" +PLATFORMDIR="/srv/leap_platform" +LEAP="$SUDO /usr/local/bin/leap" +GIT="$SUDO git" + -- cgit v1.2.3 From 1d56c0a7795ef87e34bd06c93a6525f3068aa536 Mon Sep 17 00:00:00 2001 From: elijah Date: Mon, 29 Aug 2016 21:13:42 -0700 Subject: move platform ci tests to tests/platform-ci --- tests/README.md | 9 +- tests/example-provider/README.md | 2 +- tests/platform-ci/Gemfile | 15 +++ tests/platform-ci/README.md | 11 ++ tests/platform-ci/Rakefile | 121 +++++++++++++++++++++ tests/platform-ci/hiera.yaml | 16 +++ tests/platform-ci/provider/.platform-test.conf | 13 +++ tests/platform-ci/provider/Leapfile | 1 + tests/platform-ci/provider/common.json | 12 ++ tests/platform-ci/provider/facts.json | 1 + tests/platform-ci/provider/files/ca/ca.crt | 32 ++++++ tests/platform-ci/provider/files/ca/ca.key | 51 +++++++++ tests/platform-ci/provider/files/ca/client_ca.crt | 33 ++++++ tests/platform-ci/provider/files/ca/client_ca.key | 51 +++++++++ tests/platform-ci/provider/files/ca/dh.pem | 19 ++++ .../provider/files/cert/commercial_ca.crt | 32 ++++++ .../provider/files/cert/example.org.crt | 31 ++++++ .../provider/files/cert/example.org.csr | 27 +++++ .../provider/files/cert/example.org.key | 51 +++++++++ tests/platform-ci/provider/files/mx/dkim.key | 27 +++++ tests/platform-ci/provider/files/mx/dkim.pub | 9 ++ tests/platform-ci/provider/files/ssh/known_hosts | 4 + tests/platform-ci/provider/files/ssh/monitor_ssh | 51 +++++++++ .../platform-ci/provider/files/ssh/monitor_ssh.pub | 1 + tests/platform-ci/provider/nodes/catalogtest.json | 39 +++++++ tests/platform-ci/provider/provider.json | 18 +++ tests/platform-ci/provider/tags/catalogtest.json | 1 + .../users/gitlab-runner/gitlab-runner_ssh.pub | 1 + tests/platform-ci/setup.sh | 4 + tests/puppet/hiera.yaml | 15 --- tests/puppet/provider/.platform-test.conf | 13 --- tests/puppet/provider/Leapfile | 2 - tests/puppet/provider/common.json | 12 -- tests/puppet/provider/facts.json | 1 - tests/puppet/provider/files/ca/ca.crt | 32 ------ tests/puppet/provider/files/ca/ca.key | 51 --------- tests/puppet/provider/files/ca/client_ca.crt | 33 ------ tests/puppet/provider/files/ca/client_ca.key | 51 --------- tests/puppet/provider/files/ca/dh.pem | 19 ---- tests/puppet/provider/files/cert/commercial_ca.crt | 32 ------ tests/puppet/provider/files/cert/example.org.crt | 31 ------ tests/puppet/provider/files/cert/example.org.csr | 27 ----- tests/puppet/provider/files/cert/example.org.key | 51 --------- tests/puppet/provider/files/mx/dkim.key | 27 ----- tests/puppet/provider/files/mx/dkim.pub | 9 -- tests/puppet/provider/files/ssh/known_hosts | 4 - tests/puppet/provider/files/ssh/monitor_ssh | 51 --------- tests/puppet/provider/files/ssh/monitor_ssh.pub | 1 - tests/puppet/provider/nodes/catalogtest.json | 39 ------- tests/puppet/provider/provider.json | 18 --- tests/puppet/provider/tags/catalogtest.json | 1 - .../users/gitlab-runner/gitlab-runner_ssh.pub | 1 - 52 files changed, 675 insertions(+), 529 deletions(-) create mode 100644 tests/platform-ci/Gemfile create mode 100644 tests/platform-ci/README.md create mode 100644 tests/platform-ci/Rakefile create mode 100644 tests/platform-ci/hiera.yaml create mode 100644 tests/platform-ci/provider/.platform-test.conf create mode 100644 tests/platform-ci/provider/Leapfile create mode 100644 tests/platform-ci/provider/common.json create mode 100644 tests/platform-ci/provider/facts.json create mode 100644 tests/platform-ci/provider/files/ca/ca.crt create mode 100644 tests/platform-ci/provider/files/ca/ca.key create mode 100644 tests/platform-ci/provider/files/ca/client_ca.crt create mode 100644 tests/platform-ci/provider/files/ca/client_ca.key create mode 100644 tests/platform-ci/provider/files/ca/dh.pem create mode 100644 tests/platform-ci/provider/files/cert/commercial_ca.crt create mode 100644 tests/platform-ci/provider/files/cert/example.org.crt create mode 100644 tests/platform-ci/provider/files/cert/example.org.csr create mode 100644 tests/platform-ci/provider/files/cert/example.org.key create mode 100644 tests/platform-ci/provider/files/mx/dkim.key create mode 100644 tests/platform-ci/provider/files/mx/dkim.pub create mode 100644 tests/platform-ci/provider/files/ssh/known_hosts create mode 100644 tests/platform-ci/provider/files/ssh/monitor_ssh create mode 100644 tests/platform-ci/provider/files/ssh/monitor_ssh.pub create mode 100644 tests/platform-ci/provider/nodes/catalogtest.json create mode 100644 tests/platform-ci/provider/provider.json create mode 100644 tests/platform-ci/provider/tags/catalogtest.json create mode 100644 tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub create mode 100755 tests/platform-ci/setup.sh delete mode 100644 tests/puppet/hiera.yaml delete mode 100644 tests/puppet/provider/.platform-test.conf delete mode 100644 tests/puppet/provider/Leapfile delete mode 100644 tests/puppet/provider/common.json delete mode 100644 tests/puppet/provider/facts.json delete mode 100644 tests/puppet/provider/files/ca/ca.crt delete mode 100644 tests/puppet/provider/files/ca/ca.key delete mode 100644 tests/puppet/provider/files/ca/client_ca.crt delete mode 100644 tests/puppet/provider/files/ca/client_ca.key delete mode 100644 tests/puppet/provider/files/ca/dh.pem delete mode 100644 tests/puppet/provider/files/cert/commercial_ca.crt delete mode 100644 tests/puppet/provider/files/cert/example.org.crt delete mode 100644 tests/puppet/provider/files/cert/example.org.csr delete mode 100644 tests/puppet/provider/files/cert/example.org.key delete mode 100644 tests/puppet/provider/files/mx/dkim.key delete mode 100644 tests/puppet/provider/files/mx/dkim.pub delete mode 100644 tests/puppet/provider/files/ssh/known_hosts delete mode 100644 tests/puppet/provider/files/ssh/monitor_ssh delete mode 100644 tests/puppet/provider/files/ssh/monitor_ssh.pub delete mode 100644 tests/puppet/provider/nodes/catalogtest.json delete mode 100644 tests/puppet/provider/provider.json delete mode 100644 tests/puppet/provider/tags/catalogtest.json delete mode 100644 tests/puppet/provider/users/gitlab-runner/gitlab-runner_ssh.pub (limited to 'tests') diff --git a/tests/README.md b/tests/README.md index a3628495..ea6bcaa9 100644 --- a/tests/README.md +++ b/tests/README.md @@ -14,13 +14,8 @@ These tests are to confirm that a provider's infrasture is working and to troubl **example-provider/** -Files to support the command: - - cd leap_platform/tests/example-provider - vagrant up - -For quick booting a pre-configured sample provider, running in a single virtual -machine. +Allows you to generate a pre-configured provider using Vagrant virtual +machines. **platform-ci/** diff --git a/tests/example-provider/README.md b/tests/example-provider/README.md index 62cdc01a..80cb3ae9 100644 --- a/tests/example-provider/README.md +++ b/tests/example-provider/README.md @@ -1,5 +1,5 @@ Here lies a script to generate a pre-configured provider using Vagrant virtual -machines. +machines. This virtual provider includes only a single node. All you have to do is this: diff --git a/tests/platform-ci/Gemfile b/tests/platform-ci/Gemfile new file mode 100644 index 00000000..aea88237 --- /dev/null +++ b/tests/platform-ci/Gemfile @@ -0,0 +1,15 @@ +source "https://rubygems.org" + +group :test do + gem "rake" + gem "rspec", '< 3.2.0' + gem "puppet", ENV['PUPPET_VERSION'] || ENV['GEM_PUPPET_VERSION'] || ENV['PUPPET_GEM_VERSION'] || '~> 3.8' + gem "facter", ENV['FACTER_VERSION'] || ENV['GEM_FACTER_VERSION'] || ENV['FACTER_GEM_VERSION'] || '~> 2.2.0' + gem "rspec-puppet" + gem "puppetlabs_spec_helper" + gem "metadata-json-lint" + gem "rspec-puppet-facts" + gem "mocha" + gem "puppet-catalog-test" + gem "leap_cli", :git => 'https://leap.se/git/leap_cli.git', :branch => 'develop' +end diff --git a/tests/platform-ci/README.md b/tests/platform-ci/README.md new file mode 100644 index 00000000..bc48b21f --- /dev/null +++ b/tests/platform-ci/README.md @@ -0,0 +1,11 @@ +Continuous integration tests for the leap_platform code. + +Usage: + + ./setup.sh + bin/rake test:syntax + bin/rake test:catalog + +For a list of all tasks: + + bin/rake -T diff --git a/tests/platform-ci/Rakefile b/tests/platform-ci/Rakefile new file mode 100644 index 00000000..5443be36 --- /dev/null +++ b/tests/platform-ci/Rakefile @@ -0,0 +1,121 @@ +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' +require 'puppet-syntax/tasks/puppet-syntax' +require 'puppet-catalog-test' + +CI_DIR = File.dirname(__FILE__) +PLATFORM_DIR = File.expand_path('../..', CI_DIR) +PROVIDER_DIR = File.join(CI_DIR, 'provider') + +# +# return list of modules, either "external" (submodules or subrepos), "custom" +# (no submodules nor subrepos) or all modules so we can check each array +# seperately +# +def modules_pattern (type) + external = Array.new + internal = Array.new + all = Array.new + + Dir.chdir(PLATFORM_DIR) do + Dir['puppet/modules/*'].sort.each do |m| + + # submodule or subrepo ? + system("grep -q #{m} .gitmodules 2>/dev/null || test -f #{m}/.gitrepo") + if $?.exitstatus == 0 + external << m + '/**/*.pp' + else + internal << m + '/**/*.pp' + end + all << m + '/**/*.pp' + end + + case type + when 'external' + external + when 'internal' + internal + when 'all' + all + end + end +end + +exclude_paths = ["**/vendor/**/*", "spec/fixtures/**/*", "pkg/**/*" ] + +# +# redefine lint task so we don't lint submoudules for now +# +Rake::Task[:lint].clear +PuppetLint::RakeTask.new :lint do |config| + # only check for custom manifests, not submodules for now + config.pattern = modules_pattern('internal') + config.ignore_paths = exclude_paths + config.disable_checks = ['documentation', '140chars', 'arrow_alignment'] + config.fail_on_warnings = false +end + +# rake syntax::* tasks +PuppetSyntax.exclude_paths = exclude_paths +PuppetSyntax.future_parser = true + +desc "Validate erb templates" +task :templates do + Dir.chdir(PLATFORM_DIR) do + Dir['**/templates/**/*.erb'].each do |template| + sh "erb -P -x -T '-' #{template} | ruby -c" unless template =~ /.*vendor.*/ + end + end +end + +namespace :platform do + desc "Compile hiera config for test_provider" + task :provider_compile do + Dir.chdir(PROVIDER_DIR) do + sh "bundle exec leap compile" + end + end +end + +PuppetCatalogTest::RakeTask.new('catalog') do |t| + Rake::Task["platform:provider_compile"].invoke + t.module_paths = [File.join(PLATFORM_DIR, "puppet", "modules")] + t.manifest_path = File.join(PLATFORM_DIR, "puppet","manifests", "site.pp") + t.facts = { + "operatingsystem" => "Debian", + "osfamily" => "Debian", + "operatingsystemmajrelease" => "8", + "debian_release" => "stable", + "debian_codename" => "jessie", + "lsbdistcodename" => "jessie", + "concat_basedir" => "/var/lib/puppet/concat", + "interfaces" => "eth0" + } + + # crucial option for hiera integration + t.config_dir = CI_DIR # expects hiera.yaml to be included in directory + + # t.parser = "future" + #t.verbose = true +end + + +namespace :test do + # :syntax:templates fails on squirrel, see https://jenkins.leap.se/view/Platform%20Builds/job/platform_citest/115/console + # but we have our own synax test + desc "Run all puppet syntax checks required for CI (syntax , validate, templates, spec, lint)" + task :syntax => [:"syntax:hiera", :"syntax:manifests", :validate, :templates, :spec, :lint] + + desc "Tries to compile the catalog" + task :catalog => [:catalog] + + #task :all => [:syntax, :catalog] +end + +# unfortunatly, we cannot have one taks to rule them all +# because :catalog would conflict with :syntax or :validate: +# rake aborted! +# Puppet::DevError: Attempting to initialize global default settings more than once! +# /home/varac/dev/projects/leap/git/leap_platform/vendor/bundle/ruby/2.3.0/gems/puppet-3.8.7/lib/puppet/settings.rb:261:in `initialize_global_settings' +#desc "Run all platform tests" +#task :test => 'test:all' diff --git a/tests/platform-ci/hiera.yaml b/tests/platform-ci/hiera.yaml new file mode 100644 index 00000000..a23d8b92 --- /dev/null +++ b/tests/platform-ci/hiera.yaml @@ -0,0 +1,16 @@ +--- +:backends: + - yaml + - puppet + +:logger: console + +:yaml: + :datadir: provider/hiera + +:hierarchy: + - catalogtest + +:puppet: + :datasource: data + diff --git a/tests/platform-ci/provider/.platform-test.conf b/tests/platform-ci/provider/.platform-test.conf new file mode 100644 index 00000000..621fb7b7 --- /dev/null +++ b/tests/platform-ci/provider/.platform-test.conf @@ -0,0 +1,13 @@ +export ROOTDIR=$(pwd) + +export PROVIDERDIR="${ROOTDIR}/tests/puppet/provider" +export PLATFORMDIR="$ROOTDIR" +export LOGDIR="$ROOTDIR/builds/log" + +export CONTACTS="sysdev@leap.se" +export MAIL_TO=$CONTACTS + +export OPTS='--yes' +export FILTER_COMMON="" + +export LEAP_CMD="bundle exec leap" diff --git a/tests/platform-ci/provider/Leapfile b/tests/platform-ci/provider/Leapfile new file mode 100644 index 00000000..f54c9293 --- /dev/null +++ b/tests/platform-ci/provider/Leapfile @@ -0,0 +1 @@ +@platform_directory_path = "../../.." diff --git a/tests/platform-ci/provider/common.json b/tests/platform-ci/provider/common.json new file mode 100644 index 00000000..a13f8f75 --- /dev/null +++ b/tests/platform-ci/provider/common.json @@ -0,0 +1,12 @@ +{ + "sources": { + "platform": { + "apt": { + "basic": "http://deb.leap.se/experimental-0.9" + } + }, + "nickserver": { + "revision": "develop" + } + } +} diff --git a/tests/platform-ci/provider/facts.json b/tests/platform-ci/provider/facts.json new file mode 100644 index 00000000..0967ef42 --- /dev/null +++ b/tests/platform-ci/provider/facts.json @@ -0,0 +1 @@ +{} diff --git a/tests/platform-ci/provider/files/ca/ca.crt b/tests/platform-ci/provider/files/ca/ca.crt new file mode 100644 index 00000000..01df56a7 --- /dev/null +++ b/tests/platform-ci/provider/files/ca/ca.crt @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQ0FADBKMRAwDgYDVQQKDAdFeGFt +cGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgwFgYDVQQDDA9FeGFt +cGxlIFJvb3QgQ0EwHhcNMTYwNjExMDAwMDAwWhcNMjYwNjExMDAwMDAwWjBKMRAw +DgYDVQQKDAdFeGFtcGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgw +FgYDVQQDDA9FeGFtcGxlIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQCyW2rTcWimY288/Ddu7OPvJxShS1RInQqfq8hYy6hEK2QYn656dRDf +pJXgSYWMvWzSXWJiQkyA8L2+DDilFtccqToqnKE7IwYHlxaeh8OSyZcHl4YCpWJi +1rc7pysN/l/0pjsp1aKKyHEObnkGMev07uGmI8aOE4Yvd2K5LjBjlov5mNnbYEHW +j+hWctV6OcphnxVboqtTy+0Ewv5D56snLjUtedyB7Er4ryRjIrWOyd+ZSyi03zov +oY1xPXS5wSxCc6y6wOKt7/noIg9xxWi7XgSd3OVtPYRU3Io62lMBSzNG6fmos3Mb +E4ui5ma7IFCJlMEFHirVSBiHn2jwsDtSsrTl0JHJS5ud8Eve5vV0r/n07QsDMhj5 +ol+YDq4+VvOekCAH75GFYkMIzpgcVzC2a1Rq7JTkcnINAF/m47yBLPomItklHv0z ++I23Q+jjTaM2A+40T2K+YRLjFyZwrlCAScjMwPFspnGxfa02miYENhPV1TdTP/ap +QE7TSl6oFiNrTh7INHGvKgrZYRW598dgAWNKG4zWY8Vj/bIXR1lC8Lp6enQtsIsU +WiF+zl+xq6bRHg7W419qQowiD349gPXIJGlXEzLqjgLpmpFywrpzxBv6sfZgYT9d +OPATT+GSiOFYJh9K4/JIxOFBJhzDD6PribjhzydPMTojSJ2Xu7nsOwIDAQABo2Aw +XjAdBgNVHQ4EFgQUlhC2wfrVFzGrtuzcA0mkO+yn9bgwDgYDVR0PAQH/BAQDAgIE +MAwGA1UdEwQFMAMBAf8wHwYDVR0jBBgwFoAUlhC2wfrVFzGrtuzcA0mkO+yn9bgw +DQYJKoZIhvcNAQENBQADggIBAAKdSviiZY8tINlDSVrib0CyDbXymO5uTPRqsf/u +MC7/DYXlNFy0GHpX4Ls6GcJN5DdZAG0TaoWo5RkNerxqv78sGJsmPqWt55cpBPVe +NLpFmxcOmLClSDLBhSaq5ggbxULScee7MS1gPHqz1BHXmi7ZJIip4VeVA2e1E52F +J7E4Y36AJOdZYLgz50YOX/NZwSYBTMy7RI1MiqG/eJf1BjkwtSyO7FTjPXsdKi8x +HhtRr5udm7Nprq1eJUUDD0+z4kAeTe/LJeuhxc4QKzpVZkE1peW6Wlklp0cdLJud +7gUsY1GFnNhZDDQ3SW2ZJ/p2OdH35rX96cj+6VClqSQMbH4rL63tICLmAsEzPKwJ +57bGVUM822n4mh0vn79dam40vMw7wkTKqIKVyLhk30N5/73XczpoLhvVdKDtA1Aj +C6LseWq4CZsaRSCgk2VsEEYyl7M+BIREuhYOllsILneOTiCOCnU4EdnBQZIHdz3S +xhduafYXLa7RHkFMfOjtmhogXXpGyaQuS8IsivIowOxKoIZo47IhYRRAghrVN2HK +ZXrgftIHNfHsFLfe6iiQBgaRn/1w7xOIPVDBqlZKKAMQE7cvum2o6dJo03Sc4dIe +rvIU1WGNRLM3/AsbZ/7gqwD3INiNUPeuVaiRqvLvXnKfHlR/4s2wZrnKqUgYF1Go +arXF +-----END CERTIFICATE----- diff --git a/tests/platform-ci/provider/files/ca/ca.key b/tests/platform-ci/provider/files/ca/ca.key new file mode 100644 index 00000000..c022b19a --- /dev/null +++ b/tests/platform-ci/provider/files/ca/ca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAsltq03FopmNvPPw3buzj7ycUoUtUSJ0Kn6vIWMuoRCtkGJ+u +enUQ36SV4EmFjL1s0l1iYkJMgPC9vgw4pRbXHKk6KpyhOyMGB5cWnofDksmXB5eG +AqViYta3O6crDf5f9KY7KdWiishxDm55BjHr9O7hpiPGjhOGL3diuS4wY5aL+ZjZ +22BB1o/oVnLVejnKYZ8VW6KrU8vtBML+Q+erJy41LXncgexK+K8kYyK1jsnfmUso +tN86L6GNcT10ucEsQnOsusDire/56CIPccVou14EndzlbT2EVNyKOtpTAUszRun5 +qLNzGxOLouZmuyBQiZTBBR4q1UgYh59o8LA7UrK05dCRyUubnfBL3ub1dK/59O0L +AzIY+aJfmA6uPlbznpAgB++RhWJDCM6YHFcwtmtUauyU5HJyDQBf5uO8gSz6JiLZ +JR79M/iNt0Po402jNgPuNE9ivmES4xcmcK5QgEnIzMDxbKZxsX2tNpomBDYT1dU3 +Uz/2qUBO00peqBYja04eyDRxryoK2WEVuffHYAFjShuM1mPFY/2yF0dZQvC6enp0 +LbCLFFohfs5fsaum0R4O1uNfakKMIg9+PYD1yCRpVxMy6o4C6ZqRcsK6c8Qb+rH2 +YGE/XTjwE0/hkojhWCYfSuPySMThQSYcww+j64m44c8nTzE6I0idl7u57DsCAwEA +AQKCAgBGAzi186i+1/2MlP01n+wBrvecMTPOpUbMUuR8ZsWQrO/H8rbM/zM2dycW +OgYgryMOmPXL2HarjtUMy0NZGtQqPgvFOmLYEfGF/Ts109ljv5p3snU6iK1MWzjm +Q8LU5WvJX4+N5ny9ud0Xayo60lHrffI6A4UntGZSL60jQAxiq3Aa9HNgeDKgBTGQ +7db6+cCF/aqmo/5ZEI3j9p9VDJXU9YCOb22t2pG7eRTxjWhzuq75P9Wk2pO+qs4Z +C6TMXhX/p+TAEoNo//C7vNMPOAzasBdj2Jh+/0z4+vGQFK/MrDZeue302SxwDoYb +1hGxlwfGWgxC9AqgWoK2ik7pXGSMc/DyFJHswvVgH1I4wK1rkydDJphlgmYNDk40 +3mvpbQcNgcs5q+q0jrbFmFJHPyLa2z3hMnwZr+3BViNQULQ7ihUqpi8lWEyTKtim +fL3HbqGv2da/2HQtWUU135RQGBjQZBqcJX9LiCwfbdUI+/j+mVlDJyot/xXhJ0WJ ++6OKOVz443957QEV6df8YkRnnRkaTfvj86dNQWCStdIyiYHzaVZ64f8GDHpGOazv +ubiv2o3ZaYvKS1mGqBKdXxEe1Dxndtq2+rDcnx/jXZjaHjEALFaxKJdZIQPUqh/3 +3UTe8OFFVeAcA9w0hqPyUwMfq34DczeKVtCEEEYkDldPyZ2MIQKCAQEA4e5bcaUW +5n4joUGdgeCYpYyA6MGKJEahy5VeI4bs8/o36DHXFMLmmUrgI4tgy3r4GDG3CRcW +q0fVi86qXTqHcScJ2S2jsEuX9Q91LLIwxiun1qakQ9w8kCaYvw6Wp+rcfVXTAe5g +Px3i/Q6hy7Vhs1Usn0iuwCbrIvVpJ50gRul+QojLFcw5i1FLmCAU55uhj9u0h7JP +/Ni3cCr7WCYct8xknLKRn6BHOHodIJDpX1/KNyOJ21V5k47gRAJwlcn90/OSs2O0 +SIFfZQ8Gafvr7C2wMs0YvVXC3oXSlhMkYUJt1B6PKp92qxwiRsw5i+HA1LXbGOoc +btnpfJA4d3TREwKCAQEAyhgtsRmfVwXsQswASUvn9NNUJ61mZdpPMq9d4BSNQzSv +EjM3aTjuqGBh/r01VQm666hSFhv7yo3GIlhzjez8hE+SExSnHMw0MMCUEsDBki7e +SY3rZ0Dzj9FfGBYagOesyQQZSjFFSfmsnBRkrFkVwpJvA0nDMg4xYDaX6yyf8RFX +2teXdI2q2UcTNK5001fVOHLY1ML4ytCIG7gGV/WVSGo2V3VOA+Xl/VdII1hZfa1i +LcdCiBw65vsiDeROoG02F1v5xwDLei6A8JYmJEqOy73+ZgABe2Hk4wQx/GlEH8b5 +2jfNp+1L6aRkXFhAm3wfRWQsKfsYSB2XJxxB8RYFOQKCAQEAv6dc9viehoQ2YVKx +9Dy8AKNBrzCOqNsp4PMiWmzYkNaPmm69DyWOTDdSD5TqVXJJBu0VYaauWjmjkueL +aW5++qOtHQg0NRbLHt0v/uxhp5nc1J+j9NTco0O6i0gq0OLQi5nEV30JNEF8DkLd +SVriOChmo/AaHXJmQM+BllMZ0E2+B17XN/R4VBBwWenNEfPZh5lOeVXvuIN2iLZN +ZKdf8SJ3rt1j3s8t22DrWHbVIUy20zNYfDDz4xJueALB0q74nVWf+oD3rBHjBG1M +eZd0uHLBZzbIZ8RafD11OE2grMiXNjt+IyAGoHxLL1eK8XheBZMG+wmNeRNtl3cY +D22O9QKCAQEAx76kEqIXikSxYsgNFGTw61ugluLdDZh7pMYNy/ekM6Oz0hJLFzYN +NOCmmshaGSXX2SnxkCaydF4yUioIdGOipgebgj5seZsfjnwZHnvkFt86F4ss+04I +LcKr8buPEI9riPcDJACU0mvy/gVuB6a5Sim/jYlvY18B0G3FM81UfEk/A28JJEsN +bVnBktVHZMgwV220AH6AtrzrejImGvQBS6Sm90RbCqFE82Q8Sar+MKiZHFQQ30S/ +tyLKYt6gFBI9X1MqClYvxyCFksVlB4OlpZyxABHLZS65suOnoCpPCfV5aAS1wN9a +o6A3DcqweL1yjvxWZlvmgQi2KBLW3jl8iQKCAQB9S91mjvys1iwcz8sYneCNetHw +Axlr1pfoHUgyTy1/9ategbPkEegLCDtAYmILRBiVb9hnSnmn9k1fYIo3P3nja/vU +wJyYubpu9DshzlFRQ2GANpKixjm++NTfpMVIYpcBUjdqgqc501FPUYksbZkcpuDG +xJNAM3OzSkEmc91sVkjUhcjXovW+UWXtqxGn6/T9TcgE2yrhgSbz8rnr3SDHEeHz +GgUaQGXodg0kr3tLJSY/+FGuORL4mtV+0XQF7EbN8hC8b8B+bHpiIrWcMJ9OG7al +1UfkeqXvOByN3Itx489BtrizyYGRIrMCfguTBKNxe4J06If6mkq9GKC2hnM8 +-----END RSA PRIVATE KEY----- diff --git a/tests/platform-ci/provider/files/ca/client_ca.crt b/tests/platform-ci/provider/files/ca/client_ca.crt new file mode 100644 index 00000000..c1214476 --- /dev/null +++ b/tests/platform-ci/provider/files/ca/client_ca.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFpzCCA4+gAwIBAgIBATANBgkqhkiG9w0BAQ0FADBmMRAwDgYDVQQKDAdFeGFt +cGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMTQwMgYDVQQDDCtFeGFt +cGxlIFJvb3QgQ0EgKGNsaWVudCBjZXJ0aWZpY2F0ZXMgb25seSEpMB4XDTE2MDYx +MTAwMDAwMFoXDTI2MDYxMTAwMDAwMFowZjEQMA4GA1UECgwHRXhhbXBsZTEcMBoG +A1UECwwTaHR0cHM6Ly9leGFtcGxlLm9yZzE0MDIGA1UEAwwrRXhhbXBsZSBSb290 +IENBIChjbGllbnQgY2VydGlmaWNhdGVzIG9ubHkhKTCCAiIwDQYJKoZIhvcNAQEB +BQADggIPADCCAgoCggIBAL+WKlA0V+1aMjDKCwk3HaVJz7tk+knutrr3RtjwUshp +wPty3+t1WrTEtfLLUv6MNOFStTPv5/JKAtDVEcm5xVJ9DNAw8XBnouUnm77WrMa5 +t3Oa8iA6kL1GsdfCoAyKNSX7ArDlfumA/fakjIvPoRYmjplzsodlHISu5FqpHc+G +NdX89K6yzcjgMhRhCvHLrL9d+pe+efBDLab5I8pA0CGpaLfzPQiUNc2E1jn+ApSJ +Bkq+gVBscKcomluDa6rtP2UeGGvG1DkHtbpx1WA/a/T9Tt7ACFd1uIQ2Ob57MAHx +WgP6jD+Kj+/r9sA0iXGN/JnWXxpsVfYjbEFhRhL80Z3Rpj3Hf6xgUJbx0LUE34xA +CTAK/n9G5q+7oog6oSNx80AU6ihWoucARtrQpwrV8rMvEO+QAtT2DjQMShYupk+n +vHV1BTsigsjfywB2eGODKC5u6Ev91Zc8JEFmVvR+/tEP/XNzUTejGVi1fuABLILq +Id0rL37j/NZ9OyExGSJDIRXSH45gHMkjNlQlqXYJ4JiZZbs/8UHEv4TnwFceBBhM +lk8NwQE13B8F+/mcpaLaQ3X9AJzYBIh0CWkAaSKXmpIMSrOFlljihIIsA/p2OmOc +g1sumCK3IU8AXoUbzDM1EqL5/wE9jD+ns8Bsy4JR1FFZy1FOmQfacIJdbd46jkvD +AgMBAAGjYDBeMB0GA1UdDgQWBBSrXJyoXQRw+uwU274hxHyKeX6kgDAOBgNVHQ8B +Af8EBAMCAgQwDAYDVR0TBAUwAwEB/zAfBgNVHSMEGDAWgBSrXJyoXQRw+uwU274h +xHyKeX6kgDANBgkqhkiG9w0BAQ0FAAOCAgEATF/s9DHNj3h8O4IN0eUC6YiXnpGv +z3z4KPD5RYy9+O3uf+f6SxFOZZU5NU9GHE9VRenmerHSsux9FxEAGsCjpiCFQGXq +PKPBINyuR6TIDo+E/bl97Te0wL7aATiy5HFfQd41IoYPjuDpgb1Fc25w6iv9VeFG +WrZ1JLJp4wguZ6RKSSLhsBF3m+wGe6Mg89b1sdkCvFr6EVqlZZbOSPUpUjVYp46p +v3WP+Grtx9rBlJxqPpA7RPIyqnyiE4ovZcznz+9glgB3n1ufO+dSCVjkAEPxvmLu +Qj7Jc+rpNOE5xZCFBaqtCBaBm2Uht3OyHypK9UYLZ7QOAfrGnBdgLERkAzPG6Zok +yXuo0YTjHpdy5BPUD8VOahsj/2tzkMXkYmRCW9/dRwhfvi3QQHyQpsRZizmWXgTV +JWa6UYfF1B/rDt3sn+AjDCxhHeBe02YTw0MWG3frv3Gn2/JUESSQjK4Xhjg/DPxb +pLfhSLuq7WWqtkJsI0sZVj+GAdkbTgGjMLvj6+ckXpqE9V8eDgvE7KqYlSS2i6Sm +e3SofOC2h10D3pWtX1KSPUp20ClRE/MUS/YW9szKZhqA/ZNMX2eViF05hgqywYwg +GvapgFpn0mbBj9sOrBuAZX/r+U3MBv/Pj8ErdX/m20Bg/eIPBcHftS465Y9fjGu+ +apsldYNSrCZ30p4= +-----END CERTIFICATE----- diff --git a/tests/platform-ci/provider/files/ca/client_ca.key b/tests/platform-ci/provider/files/ca/client_ca.key new file mode 100644 index 00000000..160cad43 --- /dev/null +++ b/tests/platform-ci/provider/files/ca/client_ca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAv5YqUDRX7VoyMMoLCTcdpUnPu2T6Se62uvdG2PBSyGnA+3Lf +63VatMS18stS/ow04VK1M+/n8koC0NURybnFUn0M0DDxcGei5Sebvtasxrm3c5ry +IDqQvUax18KgDIo1JfsCsOV+6YD99qSMi8+hFiaOmXOyh2UchK7kWqkdz4Y11fz0 +rrLNyOAyFGEK8cusv136l7558EMtpvkjykDQIalot/M9CJQ1zYTWOf4ClIkGSr6B +UGxwpyiaW4Nrqu0/ZR4Ya8bUOQe1unHVYD9r9P1O3sAIV3W4hDY5vnswAfFaA/qM +P4qP7+v2wDSJcY38mdZfGmxV9iNsQWFGEvzRndGmPcd/rGBQlvHQtQTfjEAJMAr+ +f0bmr7uiiDqhI3HzQBTqKFai5wBG2tCnCtXysy8Q75AC1PYONAxKFi6mT6e8dXUF +OyKCyN/LAHZ4Y4MoLm7oS/3VlzwkQWZW9H7+0Q/9c3NRN6MZWLV+4AEsguoh3Ssv +fuP81n07ITEZIkMhFdIfjmAcySM2VCWpdgngmJlluz/xQcS/hOfAVx4EGEyWTw3B +ATXcHwX7+ZylotpDdf0AnNgEiHQJaQBpIpeakgxKs4WWWOKEgiwD+nY6Y5yDWy6Y +IrchTwBehRvMMzUSovn/AT2MP6ezwGzLglHUUVnLUU6ZB9pwgl1t3jqOS8MCAwEA +AQKCAgEAp4NO3+3Ea32PoOUnnRkZzKmq/jieNwKHtxX6VjhayWzeFX0tmBx2ANR2 +GiH5ISPKILFGSnEbJtfbemiyMuVBSIyaJXaFxDh5T0/Ad64QR3mek3AJAHD0mOo1 +GWfMtOoq6lh809r1iokEhSD+2kfimxF/YWCt2oBn3QNmGnb/37GDZOTVs+IW1+pf +Hz5yaVQiaPhs4TzkNVUnl3UC/BaLZMNREnWVCek82cOp4+7aprDgVX4YZw9JuH5h +6F4SR9NEuM8Fn0arzGmXVbuuS4dohz7sNQtGv+HoQYGAH7JqGWjDwfLRqcUncSmq +CAhnnGf/UysC4IGU76+tOcUplfSD+aur0FWCtKf4scfZR1Uh6inpN2WQ1r7c34vW +xKiRZDpoSRpDkxQaj3KQJeWEsAVSG+y1L9OgbKDjeGE/7U7Gt2fOKih+Aqt0l+xt +7Go1v99u0VhbyCWiBDF9XCMFzJBx0fIK+RfNHXEkkcoZo8kbnTMGgdoBqfCQZjIS +HRm9wysljMhdTYRFi1Vx8IrDGKNenc2USS1i31+6CQ6ZHoAZm5wvOxJ/nq3VS1I9 +MJDWTOQIsZQWHVlp+xq3hxBDd33ksQ91p/rsp38VrjYa7Bhd1Vp0xZUB51i4eUJA +WX1RPKnJ/omwsUXGsQSLAOR/xOYH+CcWTCu2uMd4oX5Zx84xBGECggEBAOpt9oOx +qHYtZHITFa+9htd9QWPnE5H5oUby/w4gPsymazY1raHETo6HWueByCQnNHDflSWs +3LOUnrt166wtn2yhaOAw8mrHDCuxwUUfloFyXRal16Sh2QoQDqiaAQrVzg1AM1Oi +kSBE//OB14YrAUrFFsPZpDHE76/+AOXqp7Ju+XKd0WUeX1ibQzMO6PxuUKKmH4q6 +2gZbwx5olkFb6AVY7dk7Yy0rrp+YxP4Js/JjoxjMu+DB1HOru/LAgCXU54cM3x+A +VuxE1D+KATVpqzqtDAccEyWys4hfZBlil88Schbenvo53IREB048KXw0mrVHeDDH +lIPEFwO4Gug+KKkCggEBANE3BwY+/8QDpgJ+EhEIZfraW9z10sQE5L5WIPwDLCnL +8dXLLW2ayfUtLRe2d5chxqPiAcjJranYR+hZXkbNeRAqWKJWn9QbCrYgqMKz3fyv +g9hiVS0rTM+rZmAgCxO9Wc6ZSBTcYjyXKe9NCeXYgrpEcNa0bsbdq99d4s/Rym6h +wofm7c3HAiPBLvduJ7MNnOQpvHTe2wfkf+Meq8K8WPX2UnIQXY+C5EE3FJG2PUrC +1wryWeVUraLyS3S9pGCUhMlsFJF0RXDp58nbVGvdcfIDfCcH/fjZD3PFpD2vUaJt +DhGHraxasYC4C+WBm4SkG9P+hYmQD6hVjD7BiewneIsCggEAN5r3owsr00Q3FBvU +xAeniUuLjB/Oc4yLpaGTwA0D+FTtD0GyOrGulH4koM8W4wRtmuxdmz8iZnI1KG/z +A7canpC2qJ7TkWI/T8ns9vFkKLYwwGN7/+/n5Ewkvfcxkhles6PryMXBuK7FK0Q8 +E/X1a3/OQ4xHNwroc41DN0XumxNZlcc7WMnYgdLqIJ1DxESCWeIfjy988Y8oe/kA +0uXy5fnPCPzeLGO1GuQIrd0tUqwxjntZgRlYxEsS3KSugMq8VDtIXVd6xrYYxi18 +1eeHlvZe6PzOyd1WWl2OB7tsGNDeQPBzMxUwaisctIDusihkHeWi66cbYhnL/7TW +pQnBaQKCAQAxU+QYGOp88M9HbyobUfuZdbqLEnqrNOwp5GzKfoT/JdLTMaB4YzKS +2B/1o1P3EkOfiD4bdVG45gGuSsPrta6BnTpgrEPq4qVX48NmhLomRcu0TRsAF2F4 +5VSx/VwfP1nZWFKieIPA/XMptORMiQvplxFzzf8AbGuFssEzdqdgBkuzd0NCbVWX +0IieVh6OHPuM4DpK4/CIn9t3VVfyBi6Db5xowGsO1zGyHqZ+5JT295F0R0fixmBa +Nv6Le9sx2lKkmxMOaHem879u3IO/GusuwJuZKE09SxBVn5fl41xAC65xe6f7JzcK +vlovtqtQTtEw3qXllU3bxq/WbBN01qmZAoIBAGjkBPKbUqj6b7dNd5PN/+BHvbP5 +VgNXnx3URS1OVUwqBWi/sFdPCW5JrTAUgsgsLKWzmzxYq/2Ij1CnTHGFSvAd3olL +6ycmkbk6kguD1mXpvvntJKQwAi9J3z6kNzjoy73PAblUd95TWhpqHwRHVp+C0hUF +03N2Xn10zADA7zBXwydEk7cFtOuw/pv27zrEqqwwYuNBkjfn9vOxDpT86D9ah66e +D3CyUM+xkgKp4nzVvbKS8530nxkWwonGJpou8wdHZ8yu5DrPLeRQIBLwy6XAVcdQ +U4chotKxL81f2UvZ6cA2FGpSQef76mcW643njxzndEfwQ5+twtKBzx0TCH4= +-----END RSA PRIVATE KEY----- diff --git a/tests/platform-ci/provider/files/ca/dh.pem b/tests/platform-ci/provider/files/ca/dh.pem new file mode 100644 index 00000000..3c86bf39 --- /dev/null +++ b/tests/platform-ci/provider/files/ca/dh.pem @@ -0,0 +1,19 @@ +-----BEGIN DH PARAMETERS----- +MIIDDQKCAYEAhh7GNJktPFPgzCHPrWKCSmbhZtO1ypcVJCEZ0VkvpgUpUxAZnRl4 +TPZaQVbYx1gGpvJ6pV341zoeKlFjxK5h8iG5vWYplMk9FzxbI4O7oT2APZcVfR2U +4lrmQMK7EFDrfRw+CYCuwv0/NxEoMFINRnWtyksLPw3ZtFDdnUAz4Dnu15yAFBW9 +vmOqM72Npx3BnkREOZtB5Fj5FkH9DOVSibuD6zMlUCcVXaX/bON4yrhDGnSctj0y +mwCpkLK5GkpV24i7pW7LAY+MKXOtDObZHenwdJCBdcAMbNYO5BXuFFxlgJlxRT3T +j6IH25j9/dRzaO73rh222Qp/EA3YGvhuEAMps/o30flbjZdsiAzn8ajg8NO1qf4+ +aDJDN4xTRVFkTOgTuORqamiLmV7Q3yU4wDFo9jf8H/fD8uIXESy1NOTuKbXjoITL +D3RVivSlTXHWJ3rSOm13uFY0OVG+gx36Oz5O/hzbtGrebrTadKALS0SkH1cjh6pf +sCpgVW7BorY3AoIBgAZWGr/JxYe8PtTwPm40EH2r1FUvDlhEEaxF4Ky0VRxh4sdq +/Vdcvn5ww3KgItkwSSAM0TchtosXtjILXkuRSwJglu15OHOuJHZKsaaD7NeT+AoS +HOfaiEUJRht9+/lNLbLwxpq8FSCOabWSeqj40rq1P7wQWUh2gyAh9GWc+KO9Lg1w +Feo0re6IgmPaVhpWS/a2/IguHQwbMdly6EgWD8CqGIK9T4agWqYr4FIUzaEO3SOi +fe+MPV6U5P1STcs9+UQG9LjzqHHDjMHIm4I3KNXKyM2myl8ncTrmD6uRRiRh6bhn +wZHMXwk+JsJgbwz8d4T/xDoGNWvonGvnQWgPTaVry1N1TLjgWd+k8UCio0DmxgUJ +qOz1x7LIGqLGiSOF1xUxA4M50we/JVw8731PLFxZNiSRvKHW/Dh3YsZ2jSoPT+1T +1l+azCglr1Xz560GEjswedZgsAb1tBm7AFtpJIfujMLRZhhoUZl2rDX1A2h69/HN +kn86NydyUXjVGYttQgICAQA= +-----END DH PARAMETERS----- diff --git a/tests/platform-ci/provider/files/cert/commercial_ca.crt b/tests/platform-ci/provider/files/cert/commercial_ca.crt new file mode 100644 index 00000000..01df56a7 --- /dev/null +++ b/tests/platform-ci/provider/files/cert/commercial_ca.crt @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQ0FADBKMRAwDgYDVQQKDAdFeGFt +cGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgwFgYDVQQDDA9FeGFt +cGxlIFJvb3QgQ0EwHhcNMTYwNjExMDAwMDAwWhcNMjYwNjExMDAwMDAwWjBKMRAw +DgYDVQQKDAdFeGFtcGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgw +FgYDVQQDDA9FeGFtcGxlIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQCyW2rTcWimY288/Ddu7OPvJxShS1RInQqfq8hYy6hEK2QYn656dRDf +pJXgSYWMvWzSXWJiQkyA8L2+DDilFtccqToqnKE7IwYHlxaeh8OSyZcHl4YCpWJi +1rc7pysN/l/0pjsp1aKKyHEObnkGMev07uGmI8aOE4Yvd2K5LjBjlov5mNnbYEHW +j+hWctV6OcphnxVboqtTy+0Ewv5D56snLjUtedyB7Er4ryRjIrWOyd+ZSyi03zov +oY1xPXS5wSxCc6y6wOKt7/noIg9xxWi7XgSd3OVtPYRU3Io62lMBSzNG6fmos3Mb +E4ui5ma7IFCJlMEFHirVSBiHn2jwsDtSsrTl0JHJS5ud8Eve5vV0r/n07QsDMhj5 +ol+YDq4+VvOekCAH75GFYkMIzpgcVzC2a1Rq7JTkcnINAF/m47yBLPomItklHv0z ++I23Q+jjTaM2A+40T2K+YRLjFyZwrlCAScjMwPFspnGxfa02miYENhPV1TdTP/ap +QE7TSl6oFiNrTh7INHGvKgrZYRW598dgAWNKG4zWY8Vj/bIXR1lC8Lp6enQtsIsU +WiF+zl+xq6bRHg7W419qQowiD349gPXIJGlXEzLqjgLpmpFywrpzxBv6sfZgYT9d +OPATT+GSiOFYJh9K4/JIxOFBJhzDD6PribjhzydPMTojSJ2Xu7nsOwIDAQABo2Aw +XjAdBgNVHQ4EFgQUlhC2wfrVFzGrtuzcA0mkO+yn9bgwDgYDVR0PAQH/BAQDAgIE +MAwGA1UdEwQFMAMBAf8wHwYDVR0jBBgwFoAUlhC2wfrVFzGrtuzcA0mkO+yn9bgw +DQYJKoZIhvcNAQENBQADggIBAAKdSviiZY8tINlDSVrib0CyDbXymO5uTPRqsf/u +MC7/DYXlNFy0GHpX4Ls6GcJN5DdZAG0TaoWo5RkNerxqv78sGJsmPqWt55cpBPVe +NLpFmxcOmLClSDLBhSaq5ggbxULScee7MS1gPHqz1BHXmi7ZJIip4VeVA2e1E52F +J7E4Y36AJOdZYLgz50YOX/NZwSYBTMy7RI1MiqG/eJf1BjkwtSyO7FTjPXsdKi8x +HhtRr5udm7Nprq1eJUUDD0+z4kAeTe/LJeuhxc4QKzpVZkE1peW6Wlklp0cdLJud +7gUsY1GFnNhZDDQ3SW2ZJ/p2OdH35rX96cj+6VClqSQMbH4rL63tICLmAsEzPKwJ +57bGVUM822n4mh0vn79dam40vMw7wkTKqIKVyLhk30N5/73XczpoLhvVdKDtA1Aj +C6LseWq4CZsaRSCgk2VsEEYyl7M+BIREuhYOllsILneOTiCOCnU4EdnBQZIHdz3S +xhduafYXLa7RHkFMfOjtmhogXXpGyaQuS8IsivIowOxKoIZo47IhYRRAghrVN2HK +ZXrgftIHNfHsFLfe6iiQBgaRn/1w7xOIPVDBqlZKKAMQE7cvum2o6dJo03Sc4dIe +rvIU1WGNRLM3/AsbZ/7gqwD3INiNUPeuVaiRqvLvXnKfHlR/4s2wZrnKqUgYF1Go +arXF +-----END CERTIFICATE----- diff --git a/tests/platform-ci/provider/files/cert/example.org.crt b/tests/platform-ci/provider/files/cert/example.org.crt new file mode 100644 index 00000000..7de2982d --- /dev/null +++ b/tests/platform-ci/provider/files/cert/example.org.crt @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFbDCCA1SgAwIBAgIRAJW2X9xbiBvmbN1kMlRVKtQwDQYJKoZIhvcNAQELBQAw +SjEQMA4GA1UECgwHRXhhbXBsZTEcMBoGA1UECwwTaHR0cHM6Ly9leGFtcGxlLm9y +ZzEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTE2MDYxMTAwMDAwMFoXDTE3 +MDYxMTAwMDAwMFowKDEQMA4GA1UECgwHRXhhbXBsZTEUMBIGA1UEAwwLZXhhbXBs +ZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDFuKIL//hf5cjU +m18q5fSUyvwtmWREJPaVp+CiWiGJHmxFAiWMGuAFRRChhZ4SYmnEscNda0f6ntPz +rO+XjhQeA05bIYD9JcFT25Jg4kSX4pQ0+pK2vuHqk4ascZgOOaq4fN8SXD6ZiL3m +CONDRzbnZVR2LqsdCbEqIuHlo7VK7MO8/9A+rF7wKLVatBtk25uSWMQPt0Q41gw6 +YTV447SltFH3fgUZnNR6p7Oxpsi3qEWlt2vZMIa5xdq4ge2dx1GgC8oSBx1XT/Yd +qu//GECAH5XsZsAaPXDuor1iTbWELzHyGrQ7V80e67lE2lxoaHxRCOE/NDUU6UXm +CqXwhdBHarHehOCGSDXvHEwAH5zpV77XOm2bIoZmCjM1fRk5p2S3GmXteCdvCxBP ++2wECnRXuwN2aICrBk7sZ9FieRsYao8GZN/A7ZY24pf7CMEBsgjYktTjAwUb21m6 +vmmzt93dEVJgkd8LASFmoXn+YAIGF0/fD5ZutlsAsBfodoCH9JKBi25nVVTEQW8g +TzUegTC3PUqnathWv4gZIYDG1ZUDxjk30beNmXV2XudASmP7NG4uSlQwGAEWn+cc +dzOnRxR0BQpkMMNEV/HmJVuSV5Ak4DkruSXGjLpzi30BjJ8obx85YAusIrhWRUrR +2oz6gqDUnwq3Nkr3Nk45iOEDC0cZnwIDAQABo28wbTAdBgNVHQ4EFgQUS7rm3WfC +psxoh4i7q0YbTbMZWuIwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMB +MAkGA1UdEwQCMAAwHwYDVR0jBBgwFoAUlhC2wfrVFzGrtuzcA0mkO+yn9bgwDQYJ +KoZIhvcNAQELBQADggIBAKxeVSMEpUOdBO1zmwd5NtugOlYV3/Gu9GqmUQdlB4FF +Wt6sKJmYYByNquKT79oJLb9dgUPw8qQiHCB+MAsjB4PpHvMRlpgrcDGsI8+esnfG +dJny+82aRIFZ2KnNbH8FchcCh4bviaY+DE9kyJNHILk0ujICXabR0G6ArVISTbyB +C+6BdFyKTT5zj9mtkiTgvZchlKCmOmvh/HeCONu6MGYbqcqp41RA3g1eEjFoROKO +wmf65VvfOBeb9VydOTICh/bJWRSmAMJqWxbOiV8+Ldufi0vXMcOhEfsyo316xxRq +1GMb5xVihtCxj/+qBKNoun4k9LTmUvComuPakbtEPT2QbxiTvqCbXsWHPoRwCKEj +RcFPsxWAnUslzqSl1b0oLaE1zNjBmB/Zd82i2MC4PncLC2hLHtAU1imRZKP6rnHx +cb1NyFLS0FmIPqZUz9qcY2Tj3GbjqYqRi/sXNKrR2axAUx+jGI/Ie7Zsqa4VZA0A +ZsiF0BGN3RTCYHuoJbXfEVFQ3o97JGNC3t07u9XhVuC0fjCiQu5PBbMRHSSvtBdN ++LSrhR5j4aiCmppgQSeTtoKSIS3EiOzDtawdewxhffK+co0pGnO3nox+iINvSIQ5 +IevAREmZ2ytjFDU/kVFFlINesFsLRouO37DUf2Kjxaa0RgkCBHpOnTAAD7bXiSaJ +-----END CERTIFICATE----- diff --git a/tests/platform-ci/provider/files/cert/example.org.csr b/tests/platform-ci/provider/files/cert/example.org.csr new file mode 100644 index 00000000..95e8b65d --- /dev/null +++ b/tests/platform-ci/provider/files/cert/example.org.csr @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEqzCCApMCAQAwKDEQMA4GA1UECgwHRXhhbXBsZTEUMBIGA1UEAwwLZXhhbXBs +ZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDFuKIL//hf5cjU +m18q5fSUyvwtmWREJPaVp+CiWiGJHmxFAiWMGuAFRRChhZ4SYmnEscNda0f6ntPz +rO+XjhQeA05bIYD9JcFT25Jg4kSX4pQ0+pK2vuHqk4ascZgOOaq4fN8SXD6ZiL3m +CONDRzbnZVR2LqsdCbEqIuHlo7VK7MO8/9A+rF7wKLVatBtk25uSWMQPt0Q41gw6 +YTV447SltFH3fgUZnNR6p7Oxpsi3qEWlt2vZMIa5xdq4ge2dx1GgC8oSBx1XT/Yd +qu//GECAH5XsZsAaPXDuor1iTbWELzHyGrQ7V80e67lE2lxoaHxRCOE/NDUU6UXm +CqXwhdBHarHehOCGSDXvHEwAH5zpV77XOm2bIoZmCjM1fRk5p2S3GmXteCdvCxBP ++2wECnRXuwN2aICrBk7sZ9FieRsYao8GZN/A7ZY24pf7CMEBsgjYktTjAwUb21m6 +vmmzt93dEVJgkd8LASFmoXn+YAIGF0/fD5ZutlsAsBfodoCH9JKBi25nVVTEQW8g +TzUegTC3PUqnathWv4gZIYDG1ZUDxjk30beNmXV2XudASmP7NG4uSlQwGAEWn+cc +dzOnRxR0BQpkMMNEV/HmJVuSV5Ak4DkruSXGjLpzi30BjJ8obx85YAusIrhWRUrR +2oz6gqDUnwq3Nkr3Nk45iOEDC0cZnwIDAQABoD4wPAYJKoZIhvcNAQkOMS8wLTAJ +BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkq +hkiG9w0BAQsFAAOCAgEAG0IpXLHZpgXtBZHEnGBghrucWnAuhRf0sXauboBVWnwA +5noESIIX/hNq9DdaBba684u1Qga+lZcFsO1Zh/K1Guu74FTNxV2jCLKcX1T+Ymx4 +uRJ1jcdCc+YB/f+ce+pAhFJei/6sKP//MtYIBHlbe8aGQx1yVPJ5oSb4yS9Hloe4 +DuM0bp6ZXhXFv4YxxxDbaTMs9D46AKnqXV0rLe8WwHH1Mbdxl0bi7roZ3/1NPYsg +diUMWQlnrR1d1xxUG7x+PJRpPcN3GmZQ0WyZoNrIQA7OLEg6nM8T4sQX5OZFdQrQ +KQJyX8+Cc8j/UtPrPIPgch6iYX32e+1wTAP82npw1KMELxRsxjX6ERl65apkADFa +w6LrCFtUQApWY/vZPz88udzSxVytJL4ZrHJxuZEG1WFE3kPY2Ak5LYw/IVxCDFsL +GVfhb92zkn5iUkULXbwjcTytK3IqXZHl05PW+etGtqbkdh99m8eH1HxolKEgtehm +l7FMD/JrC0GJWhI4Dl0CpvhAsV61pa8f1KmfGFTt+zpS4epSIItWTuSd4tzaXwNq +3K1zJaKHs16VWBFuhH5kle4QGRIuDRPHchBQQg0wgy/sfHuzqbcVNotGZ7qzvnRL +x5eXmWm1HaVKl1NpxbntMY4o9u0WgyzmU0VVsv+oWJj6J88T97rqTNg1Q1Uj8ic= +-----END CERTIFICATE REQUEST----- diff --git a/tests/platform-ci/provider/files/cert/example.org.key b/tests/platform-ci/provider/files/cert/example.org.key new file mode 100644 index 00000000..7ca1c512 --- /dev/null +++ b/tests/platform-ci/provider/files/cert/example.org.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAxbiiC//4X+XI1JtfKuX0lMr8LZlkRCT2lafgolohiR5sRQIl +jBrgBUUQoYWeEmJpxLHDXWtH+p7T86zvl44UHgNOWyGA/SXBU9uSYOJEl+KUNPqS +tr7h6pOGrHGYDjmquHzfElw+mYi95gjjQ0c252VUdi6rHQmxKiLh5aO1SuzDvP/Q +Pqxe8Ci1WrQbZNubkljED7dEONYMOmE1eOO0pbRR934FGZzUeqezsabIt6hFpbdr +2TCGucXauIHtncdRoAvKEgcdV0/2Harv/xhAgB+V7GbAGj1w7qK9Yk21hC8x8hq0 +O1fNHuu5RNpcaGh8UQjhPzQ1FOlF5gql8IXQR2qx3oTghkg17xxMAB+c6Ve+1zpt +myKGZgozNX0ZOadktxpl7XgnbwsQT/tsBAp0V7sDdmiAqwZO7GfRYnkbGGqPBmTf +wO2WNuKX+wjBAbII2JLU4wMFG9tZur5ps7fd3RFSYJHfCwEhZqF5/mACBhdP3w+W +brZbALAX6HaAh/SSgYtuZ1VUxEFvIE81HoEwtz1Kp2rYVr+IGSGAxtWVA8Y5N9G3 +jZl1dl7nQEpj+zRuLkpUMBgBFp/nHHczp0cUdAUKZDDDRFfx5iVbkleQJOA5K7kl +xoy6c4t9AYyfKG8fOWALrCK4VkVK0dqM+oKg1J8KtzZK9zZOOYjhAwtHGZ8CAwEA +AQKCAgAht6KquTP55o2g8/3+qshSt2rZu9bFaChEzSQZi5U8dNuxyPPuOIcLXwO/ +B7I1IGM5D7dpLupPatZqL4uMJMZ5d8bc85GzmcSmMEN+EhfwbssnXbO3RkXwYsgM +kDKF+n+KhoDj+KcUN6VqnQlkZ7iNLVKB9ONpSEXWEazEJG6+IDIhAN7aUTq/abHD +jgM959VX15tXssEHkDj1m64qt2oO9/kiY3MrMvtpD0Atg2unJiL6Z5UUrJnNBFiQ +Llf/GAZrbJdBC8WNJi2qUYQr1E7rindeoQcRcnjXuRjisq3JpOK3jqY9mHN6Wmh1 +vWcUxvysNP90b8q9jipFWHuD0M37kq+BLn5Bub0ypiIkId0CUnAB9MBYcBJlYhai +ZwI1fe0uGFD7XlJbHexTgnLreDAo3FR9CIUDo2HUWqmUNWadAl/rPNRe6+QDDvmP +5v4HiFmSuCjZJOu9x2z/ly1JzM+iCUp+q6BxYYYW/5tDLYAw7sl1uaiLTzZuhrrM +PlO6DNLAQhMn29jeszPHt7iXHdHAHAuYSeHpfeqnAV1qB+6x7UFVZjbDxXkt/Sn0 ++LvCzJUQOwQNlnnzIwVdn8phS3r9TN2rI3dtlvPMWJqgBiheJ9qn2tHjjoPETt9I +hfvw949Gi65D+AFSzowjNUFwDXzphOwETv5tpKCRROhdBRBdwQKCAQEA+L9RsVqT +F+7HyGza+F53mgED5SQoS52vRA2OiAbCgiNjY7JH7bqIpuO4RlgqKo+GKoboCP6D +1CmVGUm/Z8wYspzQs15O/jUO1bZ8KFREt8TquxFtikwyvIXQhUdJhZYUnhfMzV3O +sH1blWhJnSX21rxJWlrkN0I8Zdkl6mjvFa97Kr9UA/pdZd0qgIw5Vi7MFLPC7j2Q +YmTPhNsb0oZMJHGvwENUmuCQDhGiRhQV06R963mTMvxY7LWqUVf6dr7xg89Qt5Yo +AdSHllOxHOMTAa+kZNF1N8UM9S2iJSn6ZeUEOXOJEuosghpE/QIuvo81Txm63G7e +BjU3H7cFqDetfQKCAQEAy3xy2cQ/+GlSIbwXrzBr483Z0jXnvknlCJMh+NCTXObk +idOhhnIuZu+JoAovv2AfKNPvYXotmb1xxmws5RSrlZDGiQQzEwvJPeLN2DnUGqzc +ZPenu64Je6v9L35iRMF8vyx3xf27FC4zmR6nLuZbgfEfQdModqCbTpzh23Cl3mkM +IZFYPhhfnh/pcwccuqfOn0Adt+1X3jvp3QzCh1jkEjhaRB5qjt58nlmxA2EKYv1w +OzSTH9owqsCMmdrqzR7iKh59LrfOfggJbhHCyrORZ/S8h5lwqIk3+zLMrwGSvkXL +tuKLXtkX/Xy98cbHwk5M/bf3hH6I5njlsssFsS8+SwKCAQEAxCzu2raaJ1fUDAd9 +sj+eh8ChN8gKV4hmv38Jl9Hs+QG70ta5z407VJNns2K47pP+te9rdBx2D48z3ZvB +7rSSDduK5MtN9UIXDwk6Zfv/rgcJMLuP7nAl23SVfWc5Xrd8TypqBNUkuyBCaFS1 +KdDVGYmpOC9SqRn91D0rn/FeDXY15wK52eFMY5fHe1YbqhKCNRmIdKftBQyIdTjw +elocFunqN/Fh+jt8oPvbRPV2OVITVPCu3JkT8KtdRYXjLF9uzgtkl0U/DCJ3RGGA +301eogfJ2REwJumrTHnO1QyERHQXns+1nUs+CuV43ykngHYlDts1+b8eLzss3EBV +n9M5aQKCAQEArqKmmtg/on0ZPNSFaxfecEq5lxwmQHyAsMQ9UqIG5qNOHi9fn9gc +lMEdVxmG8vKWq16AQiMuQZSBsa4jNZNw0tLGYM8W2lCyLIea6+htbVtPZuPYs0zg +3J+1ke4gfiukWRnbzTM+PEqOg+n3x1txy2pZzg9f2bdqsqQXflIGOIPlImXv2pLm +dPmkS9Edyd+8h5XqK3DpiVPYGJsb1Dbove5ZIb8M6oJtZyVIssK0vFIP4O/1GFAU +lmbcBCsKenH33ff+rXqYIDfbh/h8OaS0tQgoSSPZuPrS7aYiXku2Wc/izplMzWD5 +otZM2dQkmlDC6LjbF33VFh9J2xE8WF1YUwKCAQAeJYro7nBxM0eOmof1ty24UPfg +jx72sH/FpgKIyvZ4yQoreNUc4TVsy5QMIVd0G966CRgvzaE0vcBHm//7YCXHtIa9 +ihqmYDo7SoaF7nZNjxJIxyQVPY0+Kntkwz0XAX0IbJ0nMx+3x6d5UhbQbxFVKe7X +5WmOMb0ro9NLaCvh5IUxSHsG/a8hYRqoX3tZbPRvTJMZMTMxWslsscWINNu/80KS +ggpD9Uu9hdVwT7yavl6JKC3ypRdBzmpKZfiLt5CTFex+XGIgKLHVqbHxXu487YsL +AlexBvk1/RKMTHIgUl7uMmaJsUSD+ME4SWuU9cW115kwp+JBMXES4ZfWnRHZ +-----END RSA PRIVATE KEY----- diff --git a/tests/platform-ci/provider/files/mx/dkim.key b/tests/platform-ci/provider/files/mx/dkim.key new file mode 100644 index 00000000..0dc069c6 --- /dev/null +++ b/tests/platform-ci/provider/files/mx/dkim.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAyrO7MRuCSyM2Iz5fXT17q2rpP8U8m4zE98gShMAzzKFOUjk2 +WldOzVDrNVMc6nlIkBifNpk85SCdgc5GRCWMMHifbKTWjduK9pCTtvIOVPq9H0Ak +mgqXEgoVurn9gIxfUk2zpr+TzE9r7/U+O8ffmtmZMKbWldvvqwfm3rLRBUpvi9EH +KWjmqEp9I4x0mXzkwRzoyrN0xZB2pLJJVlg/edeI7omPaqRRbf/OWQb1CHK5g3Yo +l1zlnBEG4X7BsIqqvaKfPT6Zp1AM/QP5qJESjvLyEf5eguWSeU/kyUCtSLZqigxf +sYqcClN7gWiQ1j5d3vkpv6xEvLZOL9Jhg00FnQIDAQABAoIBACZMxX7m4ryNv6nz +HBPDDT37am0ZOHVvqLvkutMIegEdLW5Nzx5Mxt/2fSrLNHh9SB+p91Naqu3kNr6T +GiXALnfuIrllgAC3zc7+zFpR7DFUWy2vcfsFKzxGWYq5n9ONMmmbsuk745JEI3Ho +lcS35GEe4loV/A++yc84JABKK0JjUpXeafXr21dNGNe0mv0j/0zM8jWzZ6QFneeG +0MpZMP4rR+STe70n3Cgqoue0IDejt+N/jA6Js6cYV3zQgDX8sQVPR3saTaYMrjHH +UV7qj+tvzgUxMp0XEzhAxNKsHpGSwyDt0X2RPFj1Jye9OSLHV+p4Mbjij+9p8ZUB +robaTGECgYEA/SWNspWkyNSGE9YNErxiFL6WUGaXgJgoPNA6R/i5KoC/7jv8gn4X +TeZ9a5b+JHt5fSy3Ph1Pje8T3ZLDl+7Oahr2/Xh+pmcQ3Tb3gEA30e2dmQgLGfcD +wIa/wr+FpW/DofdjXtdVMyn9urnTiOYbPaFVY82z4OcQmFF/kMfSKAkCgYEAzPyf +FToGs1BmEz416js7QsXNdr3sQMONsBRVw3H26qWbYDxaT6piHBwNfw2N2awr1WFc +6XuQ93xymHHwNfb4vjTOI+vJLPwZo3P8KOZwDwjUpVL8OTDSXt87yJMbcmexLATS +Asmnoe5h8rVXHc+BJ8UR0HdkJN0SVD/LKlySTfUCgYAVm5D+v1szcUCIjOrMwJu2 +nZYDAt7HsTUuC7AN2KMlh5vaX/Brywt+MMBf4KGMx6VVE+4INURHHzMY5KAhZdbk +o6yVciWNWprL5xc1MUYSey/Kki8wZi9Bzb6shuCHgIS4XH905vh0x47K03XE569H +kW/Sdwp1lgOKnNpAp22+0QKBgEZQIQFW9hVr7peLL1M5Hgq5btDcNL3CVkefsgto +fBng1HseOJw7BYw+0yJRs+aGeEKpMwWjrQY3WdeQvaTFIm2cD1mi907G6sR2dHhT +Ev0VOlu7K2kypfaE/CzAyRllGBDRVng+U5HoAxENwuQm2Vaa8pFfYqqCalcbysSt +HEJBAoGAS/liytZxCp9v8RCNyAOo8JPHPw/EdPGxuk5lP7m4iNbB1O9DqvEEmR4l +RzgXcAPgIAy5+TEwUQwarqbHe8fgmGziMP4xtntN2X+epreD1fWqfTHphO2njaDT +SKMlO5hUVlQXc7/J6DRbFzWFlEngvqNx+PzM5VlEYc7mK6xRSjo= +-----END RSA PRIVATE KEY----- diff --git a/tests/platform-ci/provider/files/mx/dkim.pub b/tests/platform-ci/provider/files/mx/dkim.pub new file mode 100644 index 00000000..bbd32086 --- /dev/null +++ b/tests/platform-ci/provider/files/mx/dkim.pub @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrO7MRuCSyM2Iz5fXT17 +q2rpP8U8m4zE98gShMAzzKFOUjk2WldOzVDrNVMc6nlIkBifNpk85SCdgc5GRCWM +MHifbKTWjduK9pCTtvIOVPq9H0AkmgqXEgoVurn9gIxfUk2zpr+TzE9r7/U+O8ff +mtmZMKbWldvvqwfm3rLRBUpvi9EHKWjmqEp9I4x0mXzkwRzoyrN0xZB2pLJJVlg/ +edeI7omPaqRRbf/OWQb1CHK5g3Yol1zlnBEG4X7BsIqqvaKfPT6Zp1AM/QP5qJES +jvLyEf5eguWSeU/kyUCtSLZqigxfsYqcClN7gWiQ1j5d3vkpv6xEvLZOL9Jhg00F +nQIDAQAB +-----END PUBLIC KEY----- diff --git a/tests/platform-ci/provider/files/ssh/known_hosts b/tests/platform-ci/provider/files/ssh/known_hosts new file mode 100644 index 00000000..50bc01fd --- /dev/null +++ b/tests/platform-ci/provider/files/ssh/known_hosts @@ -0,0 +1,4 @@ +# +# This file is automatically generated by the command `leap`. You should NOT modify this file. +# Instead, rerun `leap node init` on whatever node is causing SSH problems. +# diff --git a/tests/platform-ci/provider/files/ssh/monitor_ssh b/tests/platform-ci/provider/files/ssh/monitor_ssh new file mode 100644 index 00000000..81ff75e4 --- /dev/null +++ b/tests/platform-ci/provider/files/ssh/monitor_ssh @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAxG2QA8pYOcU8ViBfg5QFTS7jboEr7G9UFpUisHyGyY5rJZ/9 +N04UK7GRtCYS+Rd/9nqWmoV4StdVH9rXFLHxPvVH3z/jHGDir2fRpkywaWGVMiU/ +F0QSv67YbooNOdMaTacapWEwmwjO0ApDrHlqdBZwGb/gh1wW7lUpBgzHN+ZzNU8Z +lVh7icYgqv114NAjfzA+VGOwVpCW1q3pR8c08lSJgfnMUZ2gEmjJPizC6Za1RvIx +kzEkRVnmtlN4i62J6aSwLKMDXlyfjailFzfZaPdjlA5ijMvGZXo/zUWCaQJS8k1c +0vkj1arGHZ0J/t5so90qycD9j5Q8s8nMYZ5rbc1C7uPsx2ywqCVwd0St1STcNq4d +FTZEc5edaKFGNjC0fzp3ZGzIvEyAdJMimXFcC10JP+TBgorQmNrH7iGNfsrr8b0P +65Xr9P3sopEOSknsONoVBiH/9MoDd0CuVY9A0ZmmExB8qf2uc9ll2/SLcdX2jon9 +mX5zBI2ENcGnezHgGv4jp3PKaBokmOaOrQWND70/bgXooDmTU7+O63SemPoJhdwS +CiI4QU2Vi5aEEOz966q+hi2xTXd96G9/qoOjdlBBZThwSsF6FDGdGjdUe+qkfGQb +aybWHXbdHJamAWnqAtfwHDbSkShKwfJK+BqukkHGoe+l0zXrfUP+DZ5rcxsCAwEA +AQKCAgEAk1rNysok3VHFLacjgAWu5HPkUaW9WaU6o6ZFW7hPNS0N3C/lOXPtVcnj +0A0v9oVWjYTxLgIqd5qKVVdKOlAy9lPzEttOeJ+F7qgncmXdgXCfB/tBFScQGZQE +8QfHXDWtacuOBbqfR+6XlyHcGqsK3QNoHSkAOwsueKSSHePAH4NVsgwg2RSDuJtV +LnDt2TTLLEL4vz35rzbQsUPN2PbsFU6tyT+nsyJYTvck4OubXLieTRarcgxPdWc3 +2FdN+xq4dvoA37t6b3N0jkSRdJWFF2Ve4lbYP18u+jl3W3pllnkT2ImItQwJgeSW +suh38ybQwSzNSITqsqc10nn0RNcfJvLK5CscX3xL8RYMcMAk9uxIAa5pACKnVwVj +a92pP0838E+3AP5yaAMNZg5xeC5jlZCOS82SM7xKBQacmeLHh7DmjZPqngzSHyDu +UyIlRn4dYB7G51QuQ1ZOZui/uODpUDcmh0EvAN2P/FDfhE4yvdJ5jIznNci7qEbG +GZ7S2RcMbexl7RSo6hvhXp8D4vuAgWMPpVXaIBf/G9BX+YBwpo90ohB+LRmnOdWA +FJfm7tis4ANx6XT+aWwvFEc6YTxV2ECq9yKcm8Ws0dhifDE2eKbWD9sL41p2Ghaa +NWGUJ55wgsidl6r9roA6spROMvaM0bRZFLE5OcIhuE9D7wnHD0ECggEBAO8t7v31 +23y8BSY4WuIN5JzNkcrY+d+P/WNM4KjATUw08Yzg29u1Ebh2JJLoSAHEyV6ngNJ3 +SO9uOhrH6mfBW+CC5RT1rE5g3G9bz8ZI1scMDJcXYfIHqhOynP3RbiaXR39fja+l +u7lW76mVM3qqET5oj4LBxU7eUyXzQqV7UoQyHBKNW0TALL/bRVdTabUyGprVbo70 +Ww75j2JqD2hK/803Ebi+VkkN1NcGiLdaWm9qvgTYiRENsSb4UjZX2EalKZERXcHy +e7VCKdOVWwbWpDdTG1mg/bI+EdQvHXXuD7yDIKs3z3d2sYeqdMhQ7rJE3Ra/P/0p +Kim+GTnDlVOwfXMCggEBANI99A6zp1iu2tkTIExEYin189BxtRg5EQRVm1CJl15O +RrfReUVuhvRSagQlXz7qnNiETG73F7ouGu4QTLYP0Lmjxa6UP7Lu0mQ23al2/OXE +1agzSLGTZv50sRE8f0Oo7fi/n++QVUfQ1MRM7yMtZnrl9X85+2KKQLYI4Gwb3yUU +geJMaX8X5s6CwffRYe9BtYb3q2o1ySTbMIcdL2aQbAorBz33DNkp/SyLwEiuaogt +jb93KCtoMiOyYs6gRMI3MxLGg6dLGbSB8QwBxCCV87UoUAS7IODqAHJwnacYKhEV +0EcA0oDjT9cQomX6lQQFmxXE/2A96P5e8wVPyTi5SbkCggEALkIA/ecF6yrmCA1Q +LnYnZ9guQUATm5RamlDtBlYi3QFEUk3O18A+TCG1UyBPhOANXhwhQxNE7OGxpSpT +AHwaC+Lk8VfOWl5LY9Iq7ht6RobjDHm+PLQUxbh+umw91ILflhfh7D2uf9r7gR3V +Ff08VoiccNqPEYDYLffNRPoD7INQgJoMM9DDFtwOniQIxr2I/bcXqdhCoDPN8me2 +0SHoNUVYTRWq1HgzWN7vpB56bSAE3iUO5VhzkajnJZF5x7f7wQ3Nx0vhdx3zvvMc +5sauffC50mzbhBSTGCmAliVTr87gi5zAqEcxcJ6b9X4JnDrLU7Hra0gB2o7kjBJy +l/wDVwKCAQEAjcICNouCEbTMkUNpKqONQNe6zthsj+mihLaoI7SyYH8NBdJzH5K3 +4jNTknoUb5rHqOIDm2p2EC4YMF7DKpsdVJ6NovoIvUB0kefArAwz10VR/ridkkZe +UsIhxgpxkRBtbKTgVSqPpf20CKwLLj/lcoZtcpyI2Nd5bIQtthdQ7XKXZRu6olxe +Xu4hlVQT4bv/hwKmDNY5SuWUIfZWyKQmhPCgUHKsshyyvX95ZkhcQnfctLXGWwZF +kHYuUz4TPpTzlfxONtXXfjODcWIbeRFCouqMkbQPJjgBlyhB1LHhY2W+6rEuPoOG +iO+JYJOGOJEDEbmjq6Py3tjsqa8zcVDV2QKCAQB2O6qmJCgn6os9ladkcnpTO5oD +I+poz8PdwPcoB+KxW/Jj759mmBCeFh0HtZlct9JMexWD8cB2+x0412y9cZC2XduK +tX0tci1WhZTR9XEo2BjzNJBRvRxSDOz1Fk0y2D9fhsVrPkS6qZ5/+kt/O6cgyFxb +4m0+2V4qnJcF075PF4G/Raq8sKKuPOg8EHTnVRZgyL7vmrprRlPqpq8CYJUwPX53 +ddK3exo96qLvYCf7qKtQvDedLbllrqgOE2xrhuPPAmaXjto2dHb/7NCVBoccL5mN +SPFLi0V6EvPUlYZZ/e0XQafMT20/moMWnuIH1igkXPkw/hwpBLGVVEsLv5hl +-----END RSA PRIVATE KEY----- diff --git a/tests/platform-ci/provider/files/ssh/monitor_ssh.pub b/tests/platform-ci/provider/files/ssh/monitor_ssh.pub new file mode 100644 index 00000000..8be32927 --- /dev/null +++ b/tests/platform-ci/provider/files/ssh/monitor_ssh.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEbZADylg5xTxWIF+DlAVNLuNugSvsb1QWlSKwfIbJjmsln/03ThQrsZG0JhL5F3/2epaahXhK11Uf2tcUsfE+9UffP+McYOKvZ9GmTLBpYZUyJT8XRBK/rthuig050xpNpxqlYTCbCM7QCkOseWp0FnAZv+CHXBbuVSkGDMc35nM1TxmVWHuJxiCq/XXg0CN/MD5UY7BWkJbWrelHxzTyVImB+cxRnaASaMk+LMLplrVG8jGTMSRFWea2U3iLrYnppLAsowNeXJ+NqKUXN9lo92OUDmKMy8Zlej/NRYJpAlLyTVzS+SPVqsYdnQn+3myj3SrJwP2PlDyzycxhnmttzULu4+zHbLCoJXB3RK3VJNw2rh0VNkRzl51ooUY2MLR/OndkbMi8TIB0kyKZcVwLXQk/5MGCitCY2sfuIY1+yuvxvQ/rlev0/eyikQ5KSew42hUGIf/0ygN3QK5Vj0DRmaYTEHyp/a5z2WXb9Itx1faOif2ZfnMEjYQ1wad7MeAa/iOnc8poGiSY5o6tBY0PvT9uBeigOZNTv47rdJ6Y+gmF3BIKIjhBTZWLloQQ7P3rqr6GLbFNd33ob3+qg6N2UEFlOHBKwXoUMZ0aN1R76qR8ZBtrJtYddt0clqYBaeoC1/AcNtKRKErB8kr4Gq6SQcah76XTNet9Q/4NnmtzGw== monitor diff --git a/tests/platform-ci/provider/nodes/catalogtest.json b/tests/platform-ci/provider/nodes/catalogtest.json new file mode 100644 index 00000000..05703666 --- /dev/null +++ b/tests/platform-ci/provider/nodes/catalogtest.json @@ -0,0 +1,39 @@ +{ + "ip_address": "1.1.1.1", + "openvpn": { + "gateway_address": "1.1.1.2" + }, + "services": [ + "couchdb", + "mx", + "soledad", + "webapp", + "monitor", + "openvpn", + "tor", + "obfsproxy", + "static" + ], + "tags": ["catalogtest","development"], + "static": { + "domains":{ + "example.org": { + "tls_only": true, + "locations": { + "front": { + "path": "/", + "format": "amber", + "source": { + "type": "git", + "repo": "https://leap.se/git/bitmask_help", + "revision": "origin/master" + } + } + }, + "cert": "= file('cert/example.org.crt')", + "key": "= file('cert/example.org.key')", + "ca_cert": "= file('cert/commercial_ca.crt')" + } + } + } +} diff --git a/tests/platform-ci/provider/provider.json b/tests/platform-ci/provider/provider.json new file mode 100644 index 00000000..218ff529 --- /dev/null +++ b/tests/platform-ci/provider/provider.json @@ -0,0 +1,18 @@ +// +// General service provider configuration. +// +{ + "domain": "example.org", + "name": { + "en": "Example" + }, + "description": { + "en": "You really should change this text" + }, + "contacts": { + "default": "root@example.org" + }, + "languages": ["en"], + "default_language": "en", + "enrollment_policy": "open" +} diff --git a/tests/platform-ci/provider/tags/catalogtest.json b/tests/platform-ci/provider/tags/catalogtest.json new file mode 100644 index 00000000..0967ef42 --- /dev/null +++ b/tests/platform-ci/provider/tags/catalogtest.json @@ -0,0 +1 @@ +{} diff --git a/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub b/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub new file mode 100644 index 00000000..1a3c370d --- /dev/null +++ b/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDkRxRRgaSmpzm1tOJMmvOrge/V7fQ9O0q/A+Ez0OlC0LC25ar0gPtm2aKjk3sIThA/C4jA9pGKn4Bi2TEh70NEUoTsrpRfFa8t3VRi3AdvMQ1gHdz53rZ+ZEk92Jf9DyP7pvJa0rKAL02bMAIugDqXXIW4KfrBZYZ30xCUywgl/0pqaQKidi2sFiFMeC36mW/YiomgXq6zmdZAI7h3/Vn4QWFVl/JJr+5MSVfYdG8wWgdnddAUC6gvsYsFP48e+gBeK0ueqHVMrEj2MB7WQ9h9zqPwzdcB6LcdbMgiFxxgpSdyy1DP4AW6PYkTOHPo4GjdU8/THXB9Ad/kr8vk7fOf gitlab-runner@greyhound diff --git a/tests/platform-ci/setup.sh b/tests/platform-ci/setup.sh new file mode 100755 index 00000000..69a348b8 --- /dev/null +++ b/tests/platform-ci/setup.sh @@ -0,0 +1,4 @@ +#!/bin/sh + +which bundle || apt install bundle +bundle install --binstubs --path=vendor --with=test \ No newline at end of file diff --git a/tests/puppet/hiera.yaml b/tests/puppet/hiera.yaml deleted file mode 100644 index d4d0f670..00000000 --- a/tests/puppet/hiera.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -:backends: - - yaml - - puppet - -:logger: console - -:yaml: - :datadir: tests/puppet/provider/hiera - -:hierarchy: - - catalogtest - -:puppet: - :datasource: data diff --git a/tests/puppet/provider/.platform-test.conf b/tests/puppet/provider/.platform-test.conf deleted file mode 100644 index 621fb7b7..00000000 --- a/tests/puppet/provider/.platform-test.conf +++ /dev/null @@ -1,13 +0,0 @@ -export ROOTDIR=$(pwd) - -export PROVIDERDIR="${ROOTDIR}/tests/puppet/provider" -export PLATFORMDIR="$ROOTDIR" -export LOGDIR="$ROOTDIR/builds/log" - -export CONTACTS="sysdev@leap.se" -export MAIL_TO=$CONTACTS - -export OPTS='--yes' -export FILTER_COMMON="" - -export LEAP_CMD="bundle exec leap" diff --git a/tests/puppet/provider/Leapfile b/tests/puppet/provider/Leapfile deleted file mode 100644 index c4c25b4d..00000000 --- a/tests/puppet/provider/Leapfile +++ /dev/null @@ -1,2 +0,0 @@ -@platform_directory_path = "../../.." -# see https://leap.se/en/docs/platform/config for more options \ No newline at end of file diff --git a/tests/puppet/provider/common.json b/tests/puppet/provider/common.json deleted file mode 100644 index a13f8f75..00000000 --- a/tests/puppet/provider/common.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "sources": { - "platform": { - "apt": { - "basic": "http://deb.leap.se/experimental-0.9" - } - }, - "nickserver": { - "revision": "develop" - } - } -} diff --git a/tests/puppet/provider/facts.json b/tests/puppet/provider/facts.json deleted file mode 100644 index 0967ef42..00000000 --- a/tests/puppet/provider/facts.json +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/tests/puppet/provider/files/ca/ca.crt b/tests/puppet/provider/files/ca/ca.crt deleted file mode 100644 index 01df56a7..00000000 --- a/tests/puppet/provider/files/ca/ca.crt +++ /dev/null @@ -1,32 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQ0FADBKMRAwDgYDVQQKDAdFeGFt -cGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgwFgYDVQQDDA9FeGFt -cGxlIFJvb3QgQ0EwHhcNMTYwNjExMDAwMDAwWhcNMjYwNjExMDAwMDAwWjBKMRAw -DgYDVQQKDAdFeGFtcGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgw -FgYDVQQDDA9FeGFtcGxlIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw -ggIKAoICAQCyW2rTcWimY288/Ddu7OPvJxShS1RInQqfq8hYy6hEK2QYn656dRDf -pJXgSYWMvWzSXWJiQkyA8L2+DDilFtccqToqnKE7IwYHlxaeh8OSyZcHl4YCpWJi -1rc7pysN/l/0pjsp1aKKyHEObnkGMev07uGmI8aOE4Yvd2K5LjBjlov5mNnbYEHW -j+hWctV6OcphnxVboqtTy+0Ewv5D56snLjUtedyB7Er4ryRjIrWOyd+ZSyi03zov -oY1xPXS5wSxCc6y6wOKt7/noIg9xxWi7XgSd3OVtPYRU3Io62lMBSzNG6fmos3Mb -E4ui5ma7IFCJlMEFHirVSBiHn2jwsDtSsrTl0JHJS5ud8Eve5vV0r/n07QsDMhj5 -ol+YDq4+VvOekCAH75GFYkMIzpgcVzC2a1Rq7JTkcnINAF/m47yBLPomItklHv0z -+I23Q+jjTaM2A+40T2K+YRLjFyZwrlCAScjMwPFspnGxfa02miYENhPV1TdTP/ap -QE7TSl6oFiNrTh7INHGvKgrZYRW598dgAWNKG4zWY8Vj/bIXR1lC8Lp6enQtsIsU -WiF+zl+xq6bRHg7W419qQowiD349gPXIJGlXEzLqjgLpmpFywrpzxBv6sfZgYT9d -OPATT+GSiOFYJh9K4/JIxOFBJhzDD6PribjhzydPMTojSJ2Xu7nsOwIDAQABo2Aw -XjAdBgNVHQ4EFgQUlhC2wfrVFzGrtuzcA0mkO+yn9bgwDgYDVR0PAQH/BAQDAgIE -MAwGA1UdEwQFMAMBAf8wHwYDVR0jBBgwFoAUlhC2wfrVFzGrtuzcA0mkO+yn9bgw -DQYJKoZIhvcNAQENBQADggIBAAKdSviiZY8tINlDSVrib0CyDbXymO5uTPRqsf/u -MC7/DYXlNFy0GHpX4Ls6GcJN5DdZAG0TaoWo5RkNerxqv78sGJsmPqWt55cpBPVe -NLpFmxcOmLClSDLBhSaq5ggbxULScee7MS1gPHqz1BHXmi7ZJIip4VeVA2e1E52F -J7E4Y36AJOdZYLgz50YOX/NZwSYBTMy7RI1MiqG/eJf1BjkwtSyO7FTjPXsdKi8x -HhtRr5udm7Nprq1eJUUDD0+z4kAeTe/LJeuhxc4QKzpVZkE1peW6Wlklp0cdLJud -7gUsY1GFnNhZDDQ3SW2ZJ/p2OdH35rX96cj+6VClqSQMbH4rL63tICLmAsEzPKwJ -57bGVUM822n4mh0vn79dam40vMw7wkTKqIKVyLhk30N5/73XczpoLhvVdKDtA1Aj -C6LseWq4CZsaRSCgk2VsEEYyl7M+BIREuhYOllsILneOTiCOCnU4EdnBQZIHdz3S -xhduafYXLa7RHkFMfOjtmhogXXpGyaQuS8IsivIowOxKoIZo47IhYRRAghrVN2HK -ZXrgftIHNfHsFLfe6iiQBgaRn/1w7xOIPVDBqlZKKAMQE7cvum2o6dJo03Sc4dIe -rvIU1WGNRLM3/AsbZ/7gqwD3INiNUPeuVaiRqvLvXnKfHlR/4s2wZrnKqUgYF1Go -arXF ------END CERTIFICATE----- diff --git a/tests/puppet/provider/files/ca/ca.key b/tests/puppet/provider/files/ca/ca.key deleted file mode 100644 index c022b19a..00000000 --- a/tests/puppet/provider/files/ca/ca.key +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKQIBAAKCAgEAsltq03FopmNvPPw3buzj7ycUoUtUSJ0Kn6vIWMuoRCtkGJ+u -enUQ36SV4EmFjL1s0l1iYkJMgPC9vgw4pRbXHKk6KpyhOyMGB5cWnofDksmXB5eG -AqViYta3O6crDf5f9KY7KdWiishxDm55BjHr9O7hpiPGjhOGL3diuS4wY5aL+ZjZ -22BB1o/oVnLVejnKYZ8VW6KrU8vtBML+Q+erJy41LXncgexK+K8kYyK1jsnfmUso -tN86L6GNcT10ucEsQnOsusDire/56CIPccVou14EndzlbT2EVNyKOtpTAUszRun5 -qLNzGxOLouZmuyBQiZTBBR4q1UgYh59o8LA7UrK05dCRyUubnfBL3ub1dK/59O0L -AzIY+aJfmA6uPlbznpAgB++RhWJDCM6YHFcwtmtUauyU5HJyDQBf5uO8gSz6JiLZ -JR79M/iNt0Po402jNgPuNE9ivmES4xcmcK5QgEnIzMDxbKZxsX2tNpomBDYT1dU3 -Uz/2qUBO00peqBYja04eyDRxryoK2WEVuffHYAFjShuM1mPFY/2yF0dZQvC6enp0 -LbCLFFohfs5fsaum0R4O1uNfakKMIg9+PYD1yCRpVxMy6o4C6ZqRcsK6c8Qb+rH2 -YGE/XTjwE0/hkojhWCYfSuPySMThQSYcww+j64m44c8nTzE6I0idl7u57DsCAwEA -AQKCAgBGAzi186i+1/2MlP01n+wBrvecMTPOpUbMUuR8ZsWQrO/H8rbM/zM2dycW -OgYgryMOmPXL2HarjtUMy0NZGtQqPgvFOmLYEfGF/Ts109ljv5p3snU6iK1MWzjm -Q8LU5WvJX4+N5ny9ud0Xayo60lHrffI6A4UntGZSL60jQAxiq3Aa9HNgeDKgBTGQ -7db6+cCF/aqmo/5ZEI3j9p9VDJXU9YCOb22t2pG7eRTxjWhzuq75P9Wk2pO+qs4Z -C6TMXhX/p+TAEoNo//C7vNMPOAzasBdj2Jh+/0z4+vGQFK/MrDZeue302SxwDoYb -1hGxlwfGWgxC9AqgWoK2ik7pXGSMc/DyFJHswvVgH1I4wK1rkydDJphlgmYNDk40 -3mvpbQcNgcs5q+q0jrbFmFJHPyLa2z3hMnwZr+3BViNQULQ7ihUqpi8lWEyTKtim -fL3HbqGv2da/2HQtWUU135RQGBjQZBqcJX9LiCwfbdUI+/j+mVlDJyot/xXhJ0WJ -+6OKOVz443957QEV6df8YkRnnRkaTfvj86dNQWCStdIyiYHzaVZ64f8GDHpGOazv -ubiv2o3ZaYvKS1mGqBKdXxEe1Dxndtq2+rDcnx/jXZjaHjEALFaxKJdZIQPUqh/3 -3UTe8OFFVeAcA9w0hqPyUwMfq34DczeKVtCEEEYkDldPyZ2MIQKCAQEA4e5bcaUW -5n4joUGdgeCYpYyA6MGKJEahy5VeI4bs8/o36DHXFMLmmUrgI4tgy3r4GDG3CRcW -q0fVi86qXTqHcScJ2S2jsEuX9Q91LLIwxiun1qakQ9w8kCaYvw6Wp+rcfVXTAe5g -Px3i/Q6hy7Vhs1Usn0iuwCbrIvVpJ50gRul+QojLFcw5i1FLmCAU55uhj9u0h7JP -/Ni3cCr7WCYct8xknLKRn6BHOHodIJDpX1/KNyOJ21V5k47gRAJwlcn90/OSs2O0 -SIFfZQ8Gafvr7C2wMs0YvVXC3oXSlhMkYUJt1B6PKp92qxwiRsw5i+HA1LXbGOoc -btnpfJA4d3TREwKCAQEAyhgtsRmfVwXsQswASUvn9NNUJ61mZdpPMq9d4BSNQzSv -EjM3aTjuqGBh/r01VQm666hSFhv7yo3GIlhzjez8hE+SExSnHMw0MMCUEsDBki7e -SY3rZ0Dzj9FfGBYagOesyQQZSjFFSfmsnBRkrFkVwpJvA0nDMg4xYDaX6yyf8RFX -2teXdI2q2UcTNK5001fVOHLY1ML4ytCIG7gGV/WVSGo2V3VOA+Xl/VdII1hZfa1i -LcdCiBw65vsiDeROoG02F1v5xwDLei6A8JYmJEqOy73+ZgABe2Hk4wQx/GlEH8b5 -2jfNp+1L6aRkXFhAm3wfRWQsKfsYSB2XJxxB8RYFOQKCAQEAv6dc9viehoQ2YVKx -9Dy8AKNBrzCOqNsp4PMiWmzYkNaPmm69DyWOTDdSD5TqVXJJBu0VYaauWjmjkueL -aW5++qOtHQg0NRbLHt0v/uxhp5nc1J+j9NTco0O6i0gq0OLQi5nEV30JNEF8DkLd -SVriOChmo/AaHXJmQM+BllMZ0E2+B17XN/R4VBBwWenNEfPZh5lOeVXvuIN2iLZN -ZKdf8SJ3rt1j3s8t22DrWHbVIUy20zNYfDDz4xJueALB0q74nVWf+oD3rBHjBG1M -eZd0uHLBZzbIZ8RafD11OE2grMiXNjt+IyAGoHxLL1eK8XheBZMG+wmNeRNtl3cY -D22O9QKCAQEAx76kEqIXikSxYsgNFGTw61ugluLdDZh7pMYNy/ekM6Oz0hJLFzYN -NOCmmshaGSXX2SnxkCaydF4yUioIdGOipgebgj5seZsfjnwZHnvkFt86F4ss+04I -LcKr8buPEI9riPcDJACU0mvy/gVuB6a5Sim/jYlvY18B0G3FM81UfEk/A28JJEsN -bVnBktVHZMgwV220AH6AtrzrejImGvQBS6Sm90RbCqFE82Q8Sar+MKiZHFQQ30S/ -tyLKYt6gFBI9X1MqClYvxyCFksVlB4OlpZyxABHLZS65suOnoCpPCfV5aAS1wN9a -o6A3DcqweL1yjvxWZlvmgQi2KBLW3jl8iQKCAQB9S91mjvys1iwcz8sYneCNetHw -Axlr1pfoHUgyTy1/9ategbPkEegLCDtAYmILRBiVb9hnSnmn9k1fYIo3P3nja/vU -wJyYubpu9DshzlFRQ2GANpKixjm++NTfpMVIYpcBUjdqgqc501FPUYksbZkcpuDG -xJNAM3OzSkEmc91sVkjUhcjXovW+UWXtqxGn6/T9TcgE2yrhgSbz8rnr3SDHEeHz -GgUaQGXodg0kr3tLJSY/+FGuORL4mtV+0XQF7EbN8hC8b8B+bHpiIrWcMJ9OG7al -1UfkeqXvOByN3Itx489BtrizyYGRIrMCfguTBKNxe4J06If6mkq9GKC2hnM8 ------END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/ca/client_ca.crt b/tests/puppet/provider/files/ca/client_ca.crt deleted file mode 100644 index c1214476..00000000 --- a/tests/puppet/provider/files/ca/client_ca.crt +++ /dev/null @@ -1,33 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFpzCCA4+gAwIBAgIBATANBgkqhkiG9w0BAQ0FADBmMRAwDgYDVQQKDAdFeGFt -cGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMTQwMgYDVQQDDCtFeGFt -cGxlIFJvb3QgQ0EgKGNsaWVudCBjZXJ0aWZpY2F0ZXMgb25seSEpMB4XDTE2MDYx -MTAwMDAwMFoXDTI2MDYxMTAwMDAwMFowZjEQMA4GA1UECgwHRXhhbXBsZTEcMBoG -A1UECwwTaHR0cHM6Ly9leGFtcGxlLm9yZzE0MDIGA1UEAwwrRXhhbXBsZSBSb290 -IENBIChjbGllbnQgY2VydGlmaWNhdGVzIG9ubHkhKTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBAL+WKlA0V+1aMjDKCwk3HaVJz7tk+knutrr3RtjwUshp -wPty3+t1WrTEtfLLUv6MNOFStTPv5/JKAtDVEcm5xVJ9DNAw8XBnouUnm77WrMa5 -t3Oa8iA6kL1GsdfCoAyKNSX7ArDlfumA/fakjIvPoRYmjplzsodlHISu5FqpHc+G -NdX89K6yzcjgMhRhCvHLrL9d+pe+efBDLab5I8pA0CGpaLfzPQiUNc2E1jn+ApSJ -Bkq+gVBscKcomluDa6rtP2UeGGvG1DkHtbpx1WA/a/T9Tt7ACFd1uIQ2Ob57MAHx -WgP6jD+Kj+/r9sA0iXGN/JnWXxpsVfYjbEFhRhL80Z3Rpj3Hf6xgUJbx0LUE34xA -CTAK/n9G5q+7oog6oSNx80AU6ihWoucARtrQpwrV8rMvEO+QAtT2DjQMShYupk+n -vHV1BTsigsjfywB2eGODKC5u6Ev91Zc8JEFmVvR+/tEP/XNzUTejGVi1fuABLILq -Id0rL37j/NZ9OyExGSJDIRXSH45gHMkjNlQlqXYJ4JiZZbs/8UHEv4TnwFceBBhM -lk8NwQE13B8F+/mcpaLaQ3X9AJzYBIh0CWkAaSKXmpIMSrOFlljihIIsA/p2OmOc -g1sumCK3IU8AXoUbzDM1EqL5/wE9jD+ns8Bsy4JR1FFZy1FOmQfacIJdbd46jkvD -AgMBAAGjYDBeMB0GA1UdDgQWBBSrXJyoXQRw+uwU274hxHyKeX6kgDAOBgNVHQ8B -Af8EBAMCAgQwDAYDVR0TBAUwAwEB/zAfBgNVHSMEGDAWgBSrXJyoXQRw+uwU274h -xHyKeX6kgDANBgkqhkiG9w0BAQ0FAAOCAgEATF/s9DHNj3h8O4IN0eUC6YiXnpGv -z3z4KPD5RYy9+O3uf+f6SxFOZZU5NU9GHE9VRenmerHSsux9FxEAGsCjpiCFQGXq -PKPBINyuR6TIDo+E/bl97Te0wL7aATiy5HFfQd41IoYPjuDpgb1Fc25w6iv9VeFG -WrZ1JLJp4wguZ6RKSSLhsBF3m+wGe6Mg89b1sdkCvFr6EVqlZZbOSPUpUjVYp46p -v3WP+Grtx9rBlJxqPpA7RPIyqnyiE4ovZcznz+9glgB3n1ufO+dSCVjkAEPxvmLu -Qj7Jc+rpNOE5xZCFBaqtCBaBm2Uht3OyHypK9UYLZ7QOAfrGnBdgLERkAzPG6Zok -yXuo0YTjHpdy5BPUD8VOahsj/2tzkMXkYmRCW9/dRwhfvi3QQHyQpsRZizmWXgTV -JWa6UYfF1B/rDt3sn+AjDCxhHeBe02YTw0MWG3frv3Gn2/JUESSQjK4Xhjg/DPxb -pLfhSLuq7WWqtkJsI0sZVj+GAdkbTgGjMLvj6+ckXpqE9V8eDgvE7KqYlSS2i6Sm -e3SofOC2h10D3pWtX1KSPUp20ClRE/MUS/YW9szKZhqA/ZNMX2eViF05hgqywYwg -GvapgFpn0mbBj9sOrBuAZX/r+U3MBv/Pj8ErdX/m20Bg/eIPBcHftS465Y9fjGu+ -apsldYNSrCZ30p4= ------END CERTIFICATE----- diff --git a/tests/puppet/provider/files/ca/client_ca.key b/tests/puppet/provider/files/ca/client_ca.key deleted file mode 100644 index 160cad43..00000000 --- a/tests/puppet/provider/files/ca/client_ca.key +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKAIBAAKCAgEAv5YqUDRX7VoyMMoLCTcdpUnPu2T6Se62uvdG2PBSyGnA+3Lf -63VatMS18stS/ow04VK1M+/n8koC0NURybnFUn0M0DDxcGei5Sebvtasxrm3c5ry -IDqQvUax18KgDIo1JfsCsOV+6YD99qSMi8+hFiaOmXOyh2UchK7kWqkdz4Y11fz0 -rrLNyOAyFGEK8cusv136l7558EMtpvkjykDQIalot/M9CJQ1zYTWOf4ClIkGSr6B -UGxwpyiaW4Nrqu0/ZR4Ya8bUOQe1unHVYD9r9P1O3sAIV3W4hDY5vnswAfFaA/qM -P4qP7+v2wDSJcY38mdZfGmxV9iNsQWFGEvzRndGmPcd/rGBQlvHQtQTfjEAJMAr+ -f0bmr7uiiDqhI3HzQBTqKFai5wBG2tCnCtXysy8Q75AC1PYONAxKFi6mT6e8dXUF -OyKCyN/LAHZ4Y4MoLm7oS/3VlzwkQWZW9H7+0Q/9c3NRN6MZWLV+4AEsguoh3Ssv -fuP81n07ITEZIkMhFdIfjmAcySM2VCWpdgngmJlluz/xQcS/hOfAVx4EGEyWTw3B -ATXcHwX7+ZylotpDdf0AnNgEiHQJaQBpIpeakgxKs4WWWOKEgiwD+nY6Y5yDWy6Y -IrchTwBehRvMMzUSovn/AT2MP6ezwGzLglHUUVnLUU6ZB9pwgl1t3jqOS8MCAwEA -AQKCAgEAp4NO3+3Ea32PoOUnnRkZzKmq/jieNwKHtxX6VjhayWzeFX0tmBx2ANR2 -GiH5ISPKILFGSnEbJtfbemiyMuVBSIyaJXaFxDh5T0/Ad64QR3mek3AJAHD0mOo1 -GWfMtOoq6lh809r1iokEhSD+2kfimxF/YWCt2oBn3QNmGnb/37GDZOTVs+IW1+pf -Hz5yaVQiaPhs4TzkNVUnl3UC/BaLZMNREnWVCek82cOp4+7aprDgVX4YZw9JuH5h -6F4SR9NEuM8Fn0arzGmXVbuuS4dohz7sNQtGv+HoQYGAH7JqGWjDwfLRqcUncSmq -CAhnnGf/UysC4IGU76+tOcUplfSD+aur0FWCtKf4scfZR1Uh6inpN2WQ1r7c34vW -xKiRZDpoSRpDkxQaj3KQJeWEsAVSG+y1L9OgbKDjeGE/7U7Gt2fOKih+Aqt0l+xt -7Go1v99u0VhbyCWiBDF9XCMFzJBx0fIK+RfNHXEkkcoZo8kbnTMGgdoBqfCQZjIS -HRm9wysljMhdTYRFi1Vx8IrDGKNenc2USS1i31+6CQ6ZHoAZm5wvOxJ/nq3VS1I9 -MJDWTOQIsZQWHVlp+xq3hxBDd33ksQ91p/rsp38VrjYa7Bhd1Vp0xZUB51i4eUJA -WX1RPKnJ/omwsUXGsQSLAOR/xOYH+CcWTCu2uMd4oX5Zx84xBGECggEBAOpt9oOx -qHYtZHITFa+9htd9QWPnE5H5oUby/w4gPsymazY1raHETo6HWueByCQnNHDflSWs -3LOUnrt166wtn2yhaOAw8mrHDCuxwUUfloFyXRal16Sh2QoQDqiaAQrVzg1AM1Oi -kSBE//OB14YrAUrFFsPZpDHE76/+AOXqp7Ju+XKd0WUeX1ibQzMO6PxuUKKmH4q6 -2gZbwx5olkFb6AVY7dk7Yy0rrp+YxP4Js/JjoxjMu+DB1HOru/LAgCXU54cM3x+A -VuxE1D+KATVpqzqtDAccEyWys4hfZBlil88Schbenvo53IREB048KXw0mrVHeDDH -lIPEFwO4Gug+KKkCggEBANE3BwY+/8QDpgJ+EhEIZfraW9z10sQE5L5WIPwDLCnL -8dXLLW2ayfUtLRe2d5chxqPiAcjJranYR+hZXkbNeRAqWKJWn9QbCrYgqMKz3fyv -g9hiVS0rTM+rZmAgCxO9Wc6ZSBTcYjyXKe9NCeXYgrpEcNa0bsbdq99d4s/Rym6h -wofm7c3HAiPBLvduJ7MNnOQpvHTe2wfkf+Meq8K8WPX2UnIQXY+C5EE3FJG2PUrC -1wryWeVUraLyS3S9pGCUhMlsFJF0RXDp58nbVGvdcfIDfCcH/fjZD3PFpD2vUaJt -DhGHraxasYC4C+WBm4SkG9P+hYmQD6hVjD7BiewneIsCggEAN5r3owsr00Q3FBvU -xAeniUuLjB/Oc4yLpaGTwA0D+FTtD0GyOrGulH4koM8W4wRtmuxdmz8iZnI1KG/z -A7canpC2qJ7TkWI/T8ns9vFkKLYwwGN7/+/n5Ewkvfcxkhles6PryMXBuK7FK0Q8 -E/X1a3/OQ4xHNwroc41DN0XumxNZlcc7WMnYgdLqIJ1DxESCWeIfjy988Y8oe/kA -0uXy5fnPCPzeLGO1GuQIrd0tUqwxjntZgRlYxEsS3KSugMq8VDtIXVd6xrYYxi18 -1eeHlvZe6PzOyd1WWl2OB7tsGNDeQPBzMxUwaisctIDusihkHeWi66cbYhnL/7TW -pQnBaQKCAQAxU+QYGOp88M9HbyobUfuZdbqLEnqrNOwp5GzKfoT/JdLTMaB4YzKS -2B/1o1P3EkOfiD4bdVG45gGuSsPrta6BnTpgrEPq4qVX48NmhLomRcu0TRsAF2F4 -5VSx/VwfP1nZWFKieIPA/XMptORMiQvplxFzzf8AbGuFssEzdqdgBkuzd0NCbVWX -0IieVh6OHPuM4DpK4/CIn9t3VVfyBi6Db5xowGsO1zGyHqZ+5JT295F0R0fixmBa -Nv6Le9sx2lKkmxMOaHem879u3IO/GusuwJuZKE09SxBVn5fl41xAC65xe6f7JzcK -vlovtqtQTtEw3qXllU3bxq/WbBN01qmZAoIBAGjkBPKbUqj6b7dNd5PN/+BHvbP5 -VgNXnx3URS1OVUwqBWi/sFdPCW5JrTAUgsgsLKWzmzxYq/2Ij1CnTHGFSvAd3olL -6ycmkbk6kguD1mXpvvntJKQwAi9J3z6kNzjoy73PAblUd95TWhpqHwRHVp+C0hUF -03N2Xn10zADA7zBXwydEk7cFtOuw/pv27zrEqqwwYuNBkjfn9vOxDpT86D9ah66e -D3CyUM+xkgKp4nzVvbKS8530nxkWwonGJpou8wdHZ8yu5DrPLeRQIBLwy6XAVcdQ -U4chotKxL81f2UvZ6cA2FGpSQef76mcW643njxzndEfwQ5+twtKBzx0TCH4= ------END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/ca/dh.pem b/tests/puppet/provider/files/ca/dh.pem deleted file mode 100644 index 3c86bf39..00000000 --- a/tests/puppet/provider/files/ca/dh.pem +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN DH PARAMETERS----- -MIIDDQKCAYEAhh7GNJktPFPgzCHPrWKCSmbhZtO1ypcVJCEZ0VkvpgUpUxAZnRl4 -TPZaQVbYx1gGpvJ6pV341zoeKlFjxK5h8iG5vWYplMk9FzxbI4O7oT2APZcVfR2U -4lrmQMK7EFDrfRw+CYCuwv0/NxEoMFINRnWtyksLPw3ZtFDdnUAz4Dnu15yAFBW9 -vmOqM72Npx3BnkREOZtB5Fj5FkH9DOVSibuD6zMlUCcVXaX/bON4yrhDGnSctj0y -mwCpkLK5GkpV24i7pW7LAY+MKXOtDObZHenwdJCBdcAMbNYO5BXuFFxlgJlxRT3T -j6IH25j9/dRzaO73rh222Qp/EA3YGvhuEAMps/o30flbjZdsiAzn8ajg8NO1qf4+ -aDJDN4xTRVFkTOgTuORqamiLmV7Q3yU4wDFo9jf8H/fD8uIXESy1NOTuKbXjoITL -D3RVivSlTXHWJ3rSOm13uFY0OVG+gx36Oz5O/hzbtGrebrTadKALS0SkH1cjh6pf -sCpgVW7BorY3AoIBgAZWGr/JxYe8PtTwPm40EH2r1FUvDlhEEaxF4Ky0VRxh4sdq -/Vdcvn5ww3KgItkwSSAM0TchtosXtjILXkuRSwJglu15OHOuJHZKsaaD7NeT+AoS -HOfaiEUJRht9+/lNLbLwxpq8FSCOabWSeqj40rq1P7wQWUh2gyAh9GWc+KO9Lg1w -Feo0re6IgmPaVhpWS/a2/IguHQwbMdly6EgWD8CqGIK9T4agWqYr4FIUzaEO3SOi -fe+MPV6U5P1STcs9+UQG9LjzqHHDjMHIm4I3KNXKyM2myl8ncTrmD6uRRiRh6bhn -wZHMXwk+JsJgbwz8d4T/xDoGNWvonGvnQWgPTaVry1N1TLjgWd+k8UCio0DmxgUJ -qOz1x7LIGqLGiSOF1xUxA4M50we/JVw8731PLFxZNiSRvKHW/Dh3YsZ2jSoPT+1T -1l+azCglr1Xz560GEjswedZgsAb1tBm7AFtpJIfujMLRZhhoUZl2rDX1A2h69/HN -kn86NydyUXjVGYttQgICAQA= ------END DH PARAMETERS----- diff --git a/tests/puppet/provider/files/cert/commercial_ca.crt b/tests/puppet/provider/files/cert/commercial_ca.crt deleted file mode 100644 index 01df56a7..00000000 --- a/tests/puppet/provider/files/cert/commercial_ca.crt +++ /dev/null @@ -1,32 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQ0FADBKMRAwDgYDVQQKDAdFeGFt -cGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgwFgYDVQQDDA9FeGFt -cGxlIFJvb3QgQ0EwHhcNMTYwNjExMDAwMDAwWhcNMjYwNjExMDAwMDAwWjBKMRAw -DgYDVQQKDAdFeGFtcGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3JnMRgw -FgYDVQQDDA9FeGFtcGxlIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw -ggIKAoICAQCyW2rTcWimY288/Ddu7OPvJxShS1RInQqfq8hYy6hEK2QYn656dRDf -pJXgSYWMvWzSXWJiQkyA8L2+DDilFtccqToqnKE7IwYHlxaeh8OSyZcHl4YCpWJi -1rc7pysN/l/0pjsp1aKKyHEObnkGMev07uGmI8aOE4Yvd2K5LjBjlov5mNnbYEHW -j+hWctV6OcphnxVboqtTy+0Ewv5D56snLjUtedyB7Er4ryRjIrWOyd+ZSyi03zov -oY1xPXS5wSxCc6y6wOKt7/noIg9xxWi7XgSd3OVtPYRU3Io62lMBSzNG6fmos3Mb -E4ui5ma7IFCJlMEFHirVSBiHn2jwsDtSsrTl0JHJS5ud8Eve5vV0r/n07QsDMhj5 -ol+YDq4+VvOekCAH75GFYkMIzpgcVzC2a1Rq7JTkcnINAF/m47yBLPomItklHv0z -+I23Q+jjTaM2A+40T2K+YRLjFyZwrlCAScjMwPFspnGxfa02miYENhPV1TdTP/ap -QE7TSl6oFiNrTh7INHGvKgrZYRW598dgAWNKG4zWY8Vj/bIXR1lC8Lp6enQtsIsU -WiF+zl+xq6bRHg7W419qQowiD349gPXIJGlXEzLqjgLpmpFywrpzxBv6sfZgYT9d -OPATT+GSiOFYJh9K4/JIxOFBJhzDD6PribjhzydPMTojSJ2Xu7nsOwIDAQABo2Aw -XjAdBgNVHQ4EFgQUlhC2wfrVFzGrtuzcA0mkO+yn9bgwDgYDVR0PAQH/BAQDAgIE -MAwGA1UdEwQFMAMBAf8wHwYDVR0jBBgwFoAUlhC2wfrVFzGrtuzcA0mkO+yn9bgw -DQYJKoZIhvcNAQENBQADggIBAAKdSviiZY8tINlDSVrib0CyDbXymO5uTPRqsf/u -MC7/DYXlNFy0GHpX4Ls6GcJN5DdZAG0TaoWo5RkNerxqv78sGJsmPqWt55cpBPVe -NLpFmxcOmLClSDLBhSaq5ggbxULScee7MS1gPHqz1BHXmi7ZJIip4VeVA2e1E52F -J7E4Y36AJOdZYLgz50YOX/NZwSYBTMy7RI1MiqG/eJf1BjkwtSyO7FTjPXsdKi8x -HhtRr5udm7Nprq1eJUUDD0+z4kAeTe/LJeuhxc4QKzpVZkE1peW6Wlklp0cdLJud -7gUsY1GFnNhZDDQ3SW2ZJ/p2OdH35rX96cj+6VClqSQMbH4rL63tICLmAsEzPKwJ -57bGVUM822n4mh0vn79dam40vMw7wkTKqIKVyLhk30N5/73XczpoLhvVdKDtA1Aj -C6LseWq4CZsaRSCgk2VsEEYyl7M+BIREuhYOllsILneOTiCOCnU4EdnBQZIHdz3S -xhduafYXLa7RHkFMfOjtmhogXXpGyaQuS8IsivIowOxKoIZo47IhYRRAghrVN2HK -ZXrgftIHNfHsFLfe6iiQBgaRn/1w7xOIPVDBqlZKKAMQE7cvum2o6dJo03Sc4dIe -rvIU1WGNRLM3/AsbZ/7gqwD3INiNUPeuVaiRqvLvXnKfHlR/4s2wZrnKqUgYF1Go -arXF ------END CERTIFICATE----- diff --git a/tests/puppet/provider/files/cert/example.org.crt b/tests/puppet/provider/files/cert/example.org.crt deleted file mode 100644 index 7de2982d..00000000 --- a/tests/puppet/provider/files/cert/example.org.crt +++ /dev/null @@ -1,31 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFbDCCA1SgAwIBAgIRAJW2X9xbiBvmbN1kMlRVKtQwDQYJKoZIhvcNAQELBQAw -SjEQMA4GA1UECgwHRXhhbXBsZTEcMBoGA1UECwwTaHR0cHM6Ly9leGFtcGxlLm9y -ZzEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTE2MDYxMTAwMDAwMFoXDTE3 -MDYxMTAwMDAwMFowKDEQMA4GA1UECgwHRXhhbXBsZTEUMBIGA1UEAwwLZXhhbXBs -ZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDFuKIL//hf5cjU -m18q5fSUyvwtmWREJPaVp+CiWiGJHmxFAiWMGuAFRRChhZ4SYmnEscNda0f6ntPz -rO+XjhQeA05bIYD9JcFT25Jg4kSX4pQ0+pK2vuHqk4ascZgOOaq4fN8SXD6ZiL3m -CONDRzbnZVR2LqsdCbEqIuHlo7VK7MO8/9A+rF7wKLVatBtk25uSWMQPt0Q41gw6 -YTV447SltFH3fgUZnNR6p7Oxpsi3qEWlt2vZMIa5xdq4ge2dx1GgC8oSBx1XT/Yd -qu//GECAH5XsZsAaPXDuor1iTbWELzHyGrQ7V80e67lE2lxoaHxRCOE/NDUU6UXm -CqXwhdBHarHehOCGSDXvHEwAH5zpV77XOm2bIoZmCjM1fRk5p2S3GmXteCdvCxBP -+2wECnRXuwN2aICrBk7sZ9FieRsYao8GZN/A7ZY24pf7CMEBsgjYktTjAwUb21m6 -vmmzt93dEVJgkd8LASFmoXn+YAIGF0/fD5ZutlsAsBfodoCH9JKBi25nVVTEQW8g -TzUegTC3PUqnathWv4gZIYDG1ZUDxjk30beNmXV2XudASmP7NG4uSlQwGAEWn+cc -dzOnRxR0BQpkMMNEV/HmJVuSV5Ak4DkruSXGjLpzi30BjJ8obx85YAusIrhWRUrR -2oz6gqDUnwq3Nkr3Nk45iOEDC0cZnwIDAQABo28wbTAdBgNVHQ4EFgQUS7rm3WfC -psxoh4i7q0YbTbMZWuIwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMB -MAkGA1UdEwQCMAAwHwYDVR0jBBgwFoAUlhC2wfrVFzGrtuzcA0mkO+yn9bgwDQYJ -KoZIhvcNAQELBQADggIBAKxeVSMEpUOdBO1zmwd5NtugOlYV3/Gu9GqmUQdlB4FF -Wt6sKJmYYByNquKT79oJLb9dgUPw8qQiHCB+MAsjB4PpHvMRlpgrcDGsI8+esnfG -dJny+82aRIFZ2KnNbH8FchcCh4bviaY+DE9kyJNHILk0ujICXabR0G6ArVISTbyB -C+6BdFyKTT5zj9mtkiTgvZchlKCmOmvh/HeCONu6MGYbqcqp41RA3g1eEjFoROKO -wmf65VvfOBeb9VydOTICh/bJWRSmAMJqWxbOiV8+Ldufi0vXMcOhEfsyo316xxRq -1GMb5xVihtCxj/+qBKNoun4k9LTmUvComuPakbtEPT2QbxiTvqCbXsWHPoRwCKEj -RcFPsxWAnUslzqSl1b0oLaE1zNjBmB/Zd82i2MC4PncLC2hLHtAU1imRZKP6rnHx -cb1NyFLS0FmIPqZUz9qcY2Tj3GbjqYqRi/sXNKrR2axAUx+jGI/Ie7Zsqa4VZA0A -ZsiF0BGN3RTCYHuoJbXfEVFQ3o97JGNC3t07u9XhVuC0fjCiQu5PBbMRHSSvtBdN -+LSrhR5j4aiCmppgQSeTtoKSIS3EiOzDtawdewxhffK+co0pGnO3nox+iINvSIQ5 -IevAREmZ2ytjFDU/kVFFlINesFsLRouO37DUf2Kjxaa0RgkCBHpOnTAAD7bXiSaJ ------END CERTIFICATE----- diff --git a/tests/puppet/provider/files/cert/example.org.csr b/tests/puppet/provider/files/cert/example.org.csr deleted file mode 100644 index 95e8b65d..00000000 --- a/tests/puppet/provider/files/cert/example.org.csr +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIEqzCCApMCAQAwKDEQMA4GA1UECgwHRXhhbXBsZTEUMBIGA1UEAwwLZXhhbXBs -ZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDFuKIL//hf5cjU -m18q5fSUyvwtmWREJPaVp+CiWiGJHmxFAiWMGuAFRRChhZ4SYmnEscNda0f6ntPz -rO+XjhQeA05bIYD9JcFT25Jg4kSX4pQ0+pK2vuHqk4ascZgOOaq4fN8SXD6ZiL3m -CONDRzbnZVR2LqsdCbEqIuHlo7VK7MO8/9A+rF7wKLVatBtk25uSWMQPt0Q41gw6 -YTV447SltFH3fgUZnNR6p7Oxpsi3qEWlt2vZMIa5xdq4ge2dx1GgC8oSBx1XT/Yd -qu//GECAH5XsZsAaPXDuor1iTbWELzHyGrQ7V80e67lE2lxoaHxRCOE/NDUU6UXm -CqXwhdBHarHehOCGSDXvHEwAH5zpV77XOm2bIoZmCjM1fRk5p2S3GmXteCdvCxBP -+2wECnRXuwN2aICrBk7sZ9FieRsYao8GZN/A7ZY24pf7CMEBsgjYktTjAwUb21m6 -vmmzt93dEVJgkd8LASFmoXn+YAIGF0/fD5ZutlsAsBfodoCH9JKBi25nVVTEQW8g -TzUegTC3PUqnathWv4gZIYDG1ZUDxjk30beNmXV2XudASmP7NG4uSlQwGAEWn+cc -dzOnRxR0BQpkMMNEV/HmJVuSV5Ak4DkruSXGjLpzi30BjJ8obx85YAusIrhWRUrR -2oz6gqDUnwq3Nkr3Nk45iOEDC0cZnwIDAQABoD4wPAYJKoZIhvcNAQkOMS8wLTAJ -BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkq -hkiG9w0BAQsFAAOCAgEAG0IpXLHZpgXtBZHEnGBghrucWnAuhRf0sXauboBVWnwA -5noESIIX/hNq9DdaBba684u1Qga+lZcFsO1Zh/K1Guu74FTNxV2jCLKcX1T+Ymx4 -uRJ1jcdCc+YB/f+ce+pAhFJei/6sKP//MtYIBHlbe8aGQx1yVPJ5oSb4yS9Hloe4 -DuM0bp6ZXhXFv4YxxxDbaTMs9D46AKnqXV0rLe8WwHH1Mbdxl0bi7roZ3/1NPYsg -diUMWQlnrR1d1xxUG7x+PJRpPcN3GmZQ0WyZoNrIQA7OLEg6nM8T4sQX5OZFdQrQ -KQJyX8+Cc8j/UtPrPIPgch6iYX32e+1wTAP82npw1KMELxRsxjX6ERl65apkADFa -w6LrCFtUQApWY/vZPz88udzSxVytJL4ZrHJxuZEG1WFE3kPY2Ak5LYw/IVxCDFsL -GVfhb92zkn5iUkULXbwjcTytK3IqXZHl05PW+etGtqbkdh99m8eH1HxolKEgtehm -l7FMD/JrC0GJWhI4Dl0CpvhAsV61pa8f1KmfGFTt+zpS4epSIItWTuSd4tzaXwNq -3K1zJaKHs16VWBFuhH5kle4QGRIuDRPHchBQQg0wgy/sfHuzqbcVNotGZ7qzvnRL -x5eXmWm1HaVKl1NpxbntMY4o9u0WgyzmU0VVsv+oWJj6J88T97rqTNg1Q1Uj8ic= ------END CERTIFICATE REQUEST----- diff --git a/tests/puppet/provider/files/cert/example.org.key b/tests/puppet/provider/files/cert/example.org.key deleted file mode 100644 index 7ca1c512..00000000 --- a/tests/puppet/provider/files/cert/example.org.key +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKQIBAAKCAgEAxbiiC//4X+XI1JtfKuX0lMr8LZlkRCT2lafgolohiR5sRQIl -jBrgBUUQoYWeEmJpxLHDXWtH+p7T86zvl44UHgNOWyGA/SXBU9uSYOJEl+KUNPqS -tr7h6pOGrHGYDjmquHzfElw+mYi95gjjQ0c252VUdi6rHQmxKiLh5aO1SuzDvP/Q -Pqxe8Ci1WrQbZNubkljED7dEONYMOmE1eOO0pbRR934FGZzUeqezsabIt6hFpbdr -2TCGucXauIHtncdRoAvKEgcdV0/2Harv/xhAgB+V7GbAGj1w7qK9Yk21hC8x8hq0 -O1fNHuu5RNpcaGh8UQjhPzQ1FOlF5gql8IXQR2qx3oTghkg17xxMAB+c6Ve+1zpt -myKGZgozNX0ZOadktxpl7XgnbwsQT/tsBAp0V7sDdmiAqwZO7GfRYnkbGGqPBmTf -wO2WNuKX+wjBAbII2JLU4wMFG9tZur5ps7fd3RFSYJHfCwEhZqF5/mACBhdP3w+W -brZbALAX6HaAh/SSgYtuZ1VUxEFvIE81HoEwtz1Kp2rYVr+IGSGAxtWVA8Y5N9G3 -jZl1dl7nQEpj+zRuLkpUMBgBFp/nHHczp0cUdAUKZDDDRFfx5iVbkleQJOA5K7kl -xoy6c4t9AYyfKG8fOWALrCK4VkVK0dqM+oKg1J8KtzZK9zZOOYjhAwtHGZ8CAwEA -AQKCAgAht6KquTP55o2g8/3+qshSt2rZu9bFaChEzSQZi5U8dNuxyPPuOIcLXwO/ -B7I1IGM5D7dpLupPatZqL4uMJMZ5d8bc85GzmcSmMEN+EhfwbssnXbO3RkXwYsgM -kDKF+n+KhoDj+KcUN6VqnQlkZ7iNLVKB9ONpSEXWEazEJG6+IDIhAN7aUTq/abHD -jgM959VX15tXssEHkDj1m64qt2oO9/kiY3MrMvtpD0Atg2unJiL6Z5UUrJnNBFiQ -Llf/GAZrbJdBC8WNJi2qUYQr1E7rindeoQcRcnjXuRjisq3JpOK3jqY9mHN6Wmh1 -vWcUxvysNP90b8q9jipFWHuD0M37kq+BLn5Bub0ypiIkId0CUnAB9MBYcBJlYhai -ZwI1fe0uGFD7XlJbHexTgnLreDAo3FR9CIUDo2HUWqmUNWadAl/rPNRe6+QDDvmP -5v4HiFmSuCjZJOu9x2z/ly1JzM+iCUp+q6BxYYYW/5tDLYAw7sl1uaiLTzZuhrrM -PlO6DNLAQhMn29jeszPHt7iXHdHAHAuYSeHpfeqnAV1qB+6x7UFVZjbDxXkt/Sn0 -+LvCzJUQOwQNlnnzIwVdn8phS3r9TN2rI3dtlvPMWJqgBiheJ9qn2tHjjoPETt9I -hfvw949Gi65D+AFSzowjNUFwDXzphOwETv5tpKCRROhdBRBdwQKCAQEA+L9RsVqT -F+7HyGza+F53mgED5SQoS52vRA2OiAbCgiNjY7JH7bqIpuO4RlgqKo+GKoboCP6D -1CmVGUm/Z8wYspzQs15O/jUO1bZ8KFREt8TquxFtikwyvIXQhUdJhZYUnhfMzV3O -sH1blWhJnSX21rxJWlrkN0I8Zdkl6mjvFa97Kr9UA/pdZd0qgIw5Vi7MFLPC7j2Q -YmTPhNsb0oZMJHGvwENUmuCQDhGiRhQV06R963mTMvxY7LWqUVf6dr7xg89Qt5Yo -AdSHllOxHOMTAa+kZNF1N8UM9S2iJSn6ZeUEOXOJEuosghpE/QIuvo81Txm63G7e -BjU3H7cFqDetfQKCAQEAy3xy2cQ/+GlSIbwXrzBr483Z0jXnvknlCJMh+NCTXObk -idOhhnIuZu+JoAovv2AfKNPvYXotmb1xxmws5RSrlZDGiQQzEwvJPeLN2DnUGqzc -ZPenu64Je6v9L35iRMF8vyx3xf27FC4zmR6nLuZbgfEfQdModqCbTpzh23Cl3mkM -IZFYPhhfnh/pcwccuqfOn0Adt+1X3jvp3QzCh1jkEjhaRB5qjt58nlmxA2EKYv1w -OzSTH9owqsCMmdrqzR7iKh59LrfOfggJbhHCyrORZ/S8h5lwqIk3+zLMrwGSvkXL -tuKLXtkX/Xy98cbHwk5M/bf3hH6I5njlsssFsS8+SwKCAQEAxCzu2raaJ1fUDAd9 -sj+eh8ChN8gKV4hmv38Jl9Hs+QG70ta5z407VJNns2K47pP+te9rdBx2D48z3ZvB -7rSSDduK5MtN9UIXDwk6Zfv/rgcJMLuP7nAl23SVfWc5Xrd8TypqBNUkuyBCaFS1 -KdDVGYmpOC9SqRn91D0rn/FeDXY15wK52eFMY5fHe1YbqhKCNRmIdKftBQyIdTjw -elocFunqN/Fh+jt8oPvbRPV2OVITVPCu3JkT8KtdRYXjLF9uzgtkl0U/DCJ3RGGA -301eogfJ2REwJumrTHnO1QyERHQXns+1nUs+CuV43ykngHYlDts1+b8eLzss3EBV -n9M5aQKCAQEArqKmmtg/on0ZPNSFaxfecEq5lxwmQHyAsMQ9UqIG5qNOHi9fn9gc -lMEdVxmG8vKWq16AQiMuQZSBsa4jNZNw0tLGYM8W2lCyLIea6+htbVtPZuPYs0zg -3J+1ke4gfiukWRnbzTM+PEqOg+n3x1txy2pZzg9f2bdqsqQXflIGOIPlImXv2pLm -dPmkS9Edyd+8h5XqK3DpiVPYGJsb1Dbove5ZIb8M6oJtZyVIssK0vFIP4O/1GFAU -lmbcBCsKenH33ff+rXqYIDfbh/h8OaS0tQgoSSPZuPrS7aYiXku2Wc/izplMzWD5 -otZM2dQkmlDC6LjbF33VFh9J2xE8WF1YUwKCAQAeJYro7nBxM0eOmof1ty24UPfg -jx72sH/FpgKIyvZ4yQoreNUc4TVsy5QMIVd0G966CRgvzaE0vcBHm//7YCXHtIa9 -ihqmYDo7SoaF7nZNjxJIxyQVPY0+Kntkwz0XAX0IbJ0nMx+3x6d5UhbQbxFVKe7X -5WmOMb0ro9NLaCvh5IUxSHsG/a8hYRqoX3tZbPRvTJMZMTMxWslsscWINNu/80KS -ggpD9Uu9hdVwT7yavl6JKC3ypRdBzmpKZfiLt5CTFex+XGIgKLHVqbHxXu487YsL -AlexBvk1/RKMTHIgUl7uMmaJsUSD+ME4SWuU9cW115kwp+JBMXES4ZfWnRHZ ------END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/mx/dkim.key b/tests/puppet/provider/files/mx/dkim.key deleted file mode 100644 index 0dc069c6..00000000 --- a/tests/puppet/provider/files/mx/dkim.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEogIBAAKCAQEAyrO7MRuCSyM2Iz5fXT17q2rpP8U8m4zE98gShMAzzKFOUjk2 -WldOzVDrNVMc6nlIkBifNpk85SCdgc5GRCWMMHifbKTWjduK9pCTtvIOVPq9H0Ak -mgqXEgoVurn9gIxfUk2zpr+TzE9r7/U+O8ffmtmZMKbWldvvqwfm3rLRBUpvi9EH -KWjmqEp9I4x0mXzkwRzoyrN0xZB2pLJJVlg/edeI7omPaqRRbf/OWQb1CHK5g3Yo -l1zlnBEG4X7BsIqqvaKfPT6Zp1AM/QP5qJESjvLyEf5eguWSeU/kyUCtSLZqigxf -sYqcClN7gWiQ1j5d3vkpv6xEvLZOL9Jhg00FnQIDAQABAoIBACZMxX7m4ryNv6nz -HBPDDT37am0ZOHVvqLvkutMIegEdLW5Nzx5Mxt/2fSrLNHh9SB+p91Naqu3kNr6T -GiXALnfuIrllgAC3zc7+zFpR7DFUWy2vcfsFKzxGWYq5n9ONMmmbsuk745JEI3Ho -lcS35GEe4loV/A++yc84JABKK0JjUpXeafXr21dNGNe0mv0j/0zM8jWzZ6QFneeG -0MpZMP4rR+STe70n3Cgqoue0IDejt+N/jA6Js6cYV3zQgDX8sQVPR3saTaYMrjHH -UV7qj+tvzgUxMp0XEzhAxNKsHpGSwyDt0X2RPFj1Jye9OSLHV+p4Mbjij+9p8ZUB -robaTGECgYEA/SWNspWkyNSGE9YNErxiFL6WUGaXgJgoPNA6R/i5KoC/7jv8gn4X -TeZ9a5b+JHt5fSy3Ph1Pje8T3ZLDl+7Oahr2/Xh+pmcQ3Tb3gEA30e2dmQgLGfcD -wIa/wr+FpW/DofdjXtdVMyn9urnTiOYbPaFVY82z4OcQmFF/kMfSKAkCgYEAzPyf -FToGs1BmEz416js7QsXNdr3sQMONsBRVw3H26qWbYDxaT6piHBwNfw2N2awr1WFc -6XuQ93xymHHwNfb4vjTOI+vJLPwZo3P8KOZwDwjUpVL8OTDSXt87yJMbcmexLATS -Asmnoe5h8rVXHc+BJ8UR0HdkJN0SVD/LKlySTfUCgYAVm5D+v1szcUCIjOrMwJu2 -nZYDAt7HsTUuC7AN2KMlh5vaX/Brywt+MMBf4KGMx6VVE+4INURHHzMY5KAhZdbk -o6yVciWNWprL5xc1MUYSey/Kki8wZi9Bzb6shuCHgIS4XH905vh0x47K03XE569H -kW/Sdwp1lgOKnNpAp22+0QKBgEZQIQFW9hVr7peLL1M5Hgq5btDcNL3CVkefsgto -fBng1HseOJw7BYw+0yJRs+aGeEKpMwWjrQY3WdeQvaTFIm2cD1mi907G6sR2dHhT -Ev0VOlu7K2kypfaE/CzAyRllGBDRVng+U5HoAxENwuQm2Vaa8pFfYqqCalcbysSt -HEJBAoGAS/liytZxCp9v8RCNyAOo8JPHPw/EdPGxuk5lP7m4iNbB1O9DqvEEmR4l -RzgXcAPgIAy5+TEwUQwarqbHe8fgmGziMP4xtntN2X+epreD1fWqfTHphO2njaDT -SKMlO5hUVlQXc7/J6DRbFzWFlEngvqNx+PzM5VlEYc7mK6xRSjo= ------END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/mx/dkim.pub b/tests/puppet/provider/files/mx/dkim.pub deleted file mode 100644 index bbd32086..00000000 --- a/tests/puppet/provider/files/mx/dkim.pub +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrO7MRuCSyM2Iz5fXT17 -q2rpP8U8m4zE98gShMAzzKFOUjk2WldOzVDrNVMc6nlIkBifNpk85SCdgc5GRCWM -MHifbKTWjduK9pCTtvIOVPq9H0AkmgqXEgoVurn9gIxfUk2zpr+TzE9r7/U+O8ff -mtmZMKbWldvvqwfm3rLRBUpvi9EHKWjmqEp9I4x0mXzkwRzoyrN0xZB2pLJJVlg/ -edeI7omPaqRRbf/OWQb1CHK5g3Yol1zlnBEG4X7BsIqqvaKfPT6Zp1AM/QP5qJES -jvLyEf5eguWSeU/kyUCtSLZqigxfsYqcClN7gWiQ1j5d3vkpv6xEvLZOL9Jhg00F -nQIDAQAB ------END PUBLIC KEY----- diff --git a/tests/puppet/provider/files/ssh/known_hosts b/tests/puppet/provider/files/ssh/known_hosts deleted file mode 100644 index 50bc01fd..00000000 --- a/tests/puppet/provider/files/ssh/known_hosts +++ /dev/null @@ -1,4 +0,0 @@ -# -# This file is automatically generated by the command `leap`. You should NOT modify this file. -# Instead, rerun `leap node init` on whatever node is causing SSH problems. -# diff --git a/tests/puppet/provider/files/ssh/monitor_ssh b/tests/puppet/provider/files/ssh/monitor_ssh deleted file mode 100644 index 81ff75e4..00000000 --- a/tests/puppet/provider/files/ssh/monitor_ssh +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKQIBAAKCAgEAxG2QA8pYOcU8ViBfg5QFTS7jboEr7G9UFpUisHyGyY5rJZ/9 -N04UK7GRtCYS+Rd/9nqWmoV4StdVH9rXFLHxPvVH3z/jHGDir2fRpkywaWGVMiU/ -F0QSv67YbooNOdMaTacapWEwmwjO0ApDrHlqdBZwGb/gh1wW7lUpBgzHN+ZzNU8Z -lVh7icYgqv114NAjfzA+VGOwVpCW1q3pR8c08lSJgfnMUZ2gEmjJPizC6Za1RvIx -kzEkRVnmtlN4i62J6aSwLKMDXlyfjailFzfZaPdjlA5ijMvGZXo/zUWCaQJS8k1c -0vkj1arGHZ0J/t5so90qycD9j5Q8s8nMYZ5rbc1C7uPsx2ywqCVwd0St1STcNq4d -FTZEc5edaKFGNjC0fzp3ZGzIvEyAdJMimXFcC10JP+TBgorQmNrH7iGNfsrr8b0P -65Xr9P3sopEOSknsONoVBiH/9MoDd0CuVY9A0ZmmExB8qf2uc9ll2/SLcdX2jon9 -mX5zBI2ENcGnezHgGv4jp3PKaBokmOaOrQWND70/bgXooDmTU7+O63SemPoJhdwS -CiI4QU2Vi5aEEOz966q+hi2xTXd96G9/qoOjdlBBZThwSsF6FDGdGjdUe+qkfGQb -aybWHXbdHJamAWnqAtfwHDbSkShKwfJK+BqukkHGoe+l0zXrfUP+DZ5rcxsCAwEA -AQKCAgEAk1rNysok3VHFLacjgAWu5HPkUaW9WaU6o6ZFW7hPNS0N3C/lOXPtVcnj -0A0v9oVWjYTxLgIqd5qKVVdKOlAy9lPzEttOeJ+F7qgncmXdgXCfB/tBFScQGZQE -8QfHXDWtacuOBbqfR+6XlyHcGqsK3QNoHSkAOwsueKSSHePAH4NVsgwg2RSDuJtV -LnDt2TTLLEL4vz35rzbQsUPN2PbsFU6tyT+nsyJYTvck4OubXLieTRarcgxPdWc3 -2FdN+xq4dvoA37t6b3N0jkSRdJWFF2Ve4lbYP18u+jl3W3pllnkT2ImItQwJgeSW -suh38ybQwSzNSITqsqc10nn0RNcfJvLK5CscX3xL8RYMcMAk9uxIAa5pACKnVwVj -a92pP0838E+3AP5yaAMNZg5xeC5jlZCOS82SM7xKBQacmeLHh7DmjZPqngzSHyDu -UyIlRn4dYB7G51QuQ1ZOZui/uODpUDcmh0EvAN2P/FDfhE4yvdJ5jIznNci7qEbG -GZ7S2RcMbexl7RSo6hvhXp8D4vuAgWMPpVXaIBf/G9BX+YBwpo90ohB+LRmnOdWA -FJfm7tis4ANx6XT+aWwvFEc6YTxV2ECq9yKcm8Ws0dhifDE2eKbWD9sL41p2Ghaa -NWGUJ55wgsidl6r9roA6spROMvaM0bRZFLE5OcIhuE9D7wnHD0ECggEBAO8t7v31 -23y8BSY4WuIN5JzNkcrY+d+P/WNM4KjATUw08Yzg29u1Ebh2JJLoSAHEyV6ngNJ3 -SO9uOhrH6mfBW+CC5RT1rE5g3G9bz8ZI1scMDJcXYfIHqhOynP3RbiaXR39fja+l -u7lW76mVM3qqET5oj4LBxU7eUyXzQqV7UoQyHBKNW0TALL/bRVdTabUyGprVbo70 -Ww75j2JqD2hK/803Ebi+VkkN1NcGiLdaWm9qvgTYiRENsSb4UjZX2EalKZERXcHy -e7VCKdOVWwbWpDdTG1mg/bI+EdQvHXXuD7yDIKs3z3d2sYeqdMhQ7rJE3Ra/P/0p -Kim+GTnDlVOwfXMCggEBANI99A6zp1iu2tkTIExEYin189BxtRg5EQRVm1CJl15O -RrfReUVuhvRSagQlXz7qnNiETG73F7ouGu4QTLYP0Lmjxa6UP7Lu0mQ23al2/OXE -1agzSLGTZv50sRE8f0Oo7fi/n++QVUfQ1MRM7yMtZnrl9X85+2KKQLYI4Gwb3yUU -geJMaX8X5s6CwffRYe9BtYb3q2o1ySTbMIcdL2aQbAorBz33DNkp/SyLwEiuaogt -jb93KCtoMiOyYs6gRMI3MxLGg6dLGbSB8QwBxCCV87UoUAS7IODqAHJwnacYKhEV -0EcA0oDjT9cQomX6lQQFmxXE/2A96P5e8wVPyTi5SbkCggEALkIA/ecF6yrmCA1Q -LnYnZ9guQUATm5RamlDtBlYi3QFEUk3O18A+TCG1UyBPhOANXhwhQxNE7OGxpSpT -AHwaC+Lk8VfOWl5LY9Iq7ht6RobjDHm+PLQUxbh+umw91ILflhfh7D2uf9r7gR3V -Ff08VoiccNqPEYDYLffNRPoD7INQgJoMM9DDFtwOniQIxr2I/bcXqdhCoDPN8me2 -0SHoNUVYTRWq1HgzWN7vpB56bSAE3iUO5VhzkajnJZF5x7f7wQ3Nx0vhdx3zvvMc -5sauffC50mzbhBSTGCmAliVTr87gi5zAqEcxcJ6b9X4JnDrLU7Hra0gB2o7kjBJy -l/wDVwKCAQEAjcICNouCEbTMkUNpKqONQNe6zthsj+mihLaoI7SyYH8NBdJzH5K3 -4jNTknoUb5rHqOIDm2p2EC4YMF7DKpsdVJ6NovoIvUB0kefArAwz10VR/ridkkZe -UsIhxgpxkRBtbKTgVSqPpf20CKwLLj/lcoZtcpyI2Nd5bIQtthdQ7XKXZRu6olxe -Xu4hlVQT4bv/hwKmDNY5SuWUIfZWyKQmhPCgUHKsshyyvX95ZkhcQnfctLXGWwZF -kHYuUz4TPpTzlfxONtXXfjODcWIbeRFCouqMkbQPJjgBlyhB1LHhY2W+6rEuPoOG -iO+JYJOGOJEDEbmjq6Py3tjsqa8zcVDV2QKCAQB2O6qmJCgn6os9ladkcnpTO5oD -I+poz8PdwPcoB+KxW/Jj759mmBCeFh0HtZlct9JMexWD8cB2+x0412y9cZC2XduK -tX0tci1WhZTR9XEo2BjzNJBRvRxSDOz1Fk0y2D9fhsVrPkS6qZ5/+kt/O6cgyFxb -4m0+2V4qnJcF075PF4G/Raq8sKKuPOg8EHTnVRZgyL7vmrprRlPqpq8CYJUwPX53 -ddK3exo96qLvYCf7qKtQvDedLbllrqgOE2xrhuPPAmaXjto2dHb/7NCVBoccL5mN -SPFLi0V6EvPUlYZZ/e0XQafMT20/moMWnuIH1igkXPkw/hwpBLGVVEsLv5hl ------END RSA PRIVATE KEY----- diff --git a/tests/puppet/provider/files/ssh/monitor_ssh.pub b/tests/puppet/provider/files/ssh/monitor_ssh.pub deleted file mode 100644 index 8be32927..00000000 --- a/tests/puppet/provider/files/ssh/monitor_ssh.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEbZADylg5xTxWIF+DlAVNLuNugSvsb1QWlSKwfIbJjmsln/03ThQrsZG0JhL5F3/2epaahXhK11Uf2tcUsfE+9UffP+McYOKvZ9GmTLBpYZUyJT8XRBK/rthuig050xpNpxqlYTCbCM7QCkOseWp0FnAZv+CHXBbuVSkGDMc35nM1TxmVWHuJxiCq/XXg0CN/MD5UY7BWkJbWrelHxzTyVImB+cxRnaASaMk+LMLplrVG8jGTMSRFWea2U3iLrYnppLAsowNeXJ+NqKUXN9lo92OUDmKMy8Zlej/NRYJpAlLyTVzS+SPVqsYdnQn+3myj3SrJwP2PlDyzycxhnmttzULu4+zHbLCoJXB3RK3VJNw2rh0VNkRzl51ooUY2MLR/OndkbMi8TIB0kyKZcVwLXQk/5MGCitCY2sfuIY1+yuvxvQ/rlev0/eyikQ5KSew42hUGIf/0ygN3QK5Vj0DRmaYTEHyp/a5z2WXb9Itx1faOif2ZfnMEjYQ1wad7MeAa/iOnc8poGiSY5o6tBY0PvT9uBeigOZNTv47rdJ6Y+gmF3BIKIjhBTZWLloQQ7P3rqr6GLbFNd33ob3+qg6N2UEFlOHBKwXoUMZ0aN1R76qR8ZBtrJtYddt0clqYBaeoC1/AcNtKRKErB8kr4Gq6SQcah76XTNet9Q/4NnmtzGw== monitor diff --git a/tests/puppet/provider/nodes/catalogtest.json b/tests/puppet/provider/nodes/catalogtest.json deleted file mode 100644 index 05703666..00000000 --- a/tests/puppet/provider/nodes/catalogtest.json +++ /dev/null @@ -1,39 +0,0 @@ -{ - "ip_address": "1.1.1.1", - "openvpn": { - "gateway_address": "1.1.1.2" - }, - "services": [ - "couchdb", - "mx", - "soledad", - "webapp", - "monitor", - "openvpn", - "tor", - "obfsproxy", - "static" - ], - "tags": ["catalogtest","development"], - "static": { - "domains":{ - "example.org": { - "tls_only": true, - "locations": { - "front": { - "path": "/", - "format": "amber", - "source": { - "type": "git", - "repo": "https://leap.se/git/bitmask_help", - "revision": "origin/master" - } - } - }, - "cert": "= file('cert/example.org.crt')", - "key": "= file('cert/example.org.key')", - "ca_cert": "= file('cert/commercial_ca.crt')" - } - } - } -} diff --git a/tests/puppet/provider/provider.json b/tests/puppet/provider/provider.json deleted file mode 100644 index 218ff529..00000000 --- a/tests/puppet/provider/provider.json +++ /dev/null @@ -1,18 +0,0 @@ -// -// General service provider configuration. -// -{ - "domain": "example.org", - "name": { - "en": "Example" - }, - "description": { - "en": "You really should change this text" - }, - "contacts": { - "default": "root@example.org" - }, - "languages": ["en"], - "default_language": "en", - "enrollment_policy": "open" -} diff --git a/tests/puppet/provider/tags/catalogtest.json b/tests/puppet/provider/tags/catalogtest.json deleted file mode 100644 index 0967ef42..00000000 --- a/tests/puppet/provider/tags/catalogtest.json +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/tests/puppet/provider/users/gitlab-runner/gitlab-runner_ssh.pub b/tests/puppet/provider/users/gitlab-runner/gitlab-runner_ssh.pub deleted file mode 100644 index 1a3c370d..00000000 --- a/tests/puppet/provider/users/gitlab-runner/gitlab-runner_ssh.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDkRxRRgaSmpzm1tOJMmvOrge/V7fQ9O0q/A+Ez0OlC0LC25ar0gPtm2aKjk3sIThA/C4jA9pGKn4Bi2TEh70NEUoTsrpRfFa8t3VRi3AdvMQ1gHdz53rZ+ZEk92Jf9DyP7pvJa0rKAL02bMAIugDqXXIW4KfrBZYZ30xCUywgl/0pqaQKidi2sFiFMeC36mW/YiomgXq6zmdZAI7h3/Vn4QWFVl/JJr+5MSVfYdG8wWgdnddAUC6gvsYsFP48e+gBeK0ueqHVMrEj2MB7WQ9h9zqPwzdcB6LcdbMgiFxxgpSdyy1DP4AW6PYkTOHPo4GjdU8/THXB9Ad/kr8vk7fOf gitlab-runner@greyhound -- cgit v1.2.3 From c4afb0b63fdfaef6a7d67917f5b93e353902d36d Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 30 Aug 2016 15:31:23 -0700 Subject: fix paths for gitlab ci --- tests/platform-ci/README.md | 4 ++ tests/platform-ci/ci-build.sh | 51 ++++++++++++++++++++++++++ tests/platform-ci/provider/.platform-test.conf | 13 ------- tests/platform-ci/provider/Leapfile | 2 +- tests/platform-ci/setup.sh | 2 +- 5 files changed, 57 insertions(+), 15 deletions(-) create mode 100755 tests/platform-ci/ci-build.sh delete mode 100644 tests/platform-ci/provider/.platform-test.conf (limited to 'tests') diff --git a/tests/platform-ci/README.md b/tests/platform-ci/README.md index bc48b21f..60c17e41 100644 --- a/tests/platform-ci/README.md +++ b/tests/platform-ci/README.md @@ -9,3 +9,7 @@ Usage: For a list of all tasks: bin/rake -T + +To create a virtual provider, run tests on it, then tear it down: + + ./ci-build.sh diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh new file mode 100755 index 00000000..38040716 --- /dev/null +++ b/tests/platform-ci/ci-build.sh @@ -0,0 +1,51 @@ +#!/bin/sh +# +# This script will run create a virtual provider +# and run tests on it. +# +# This script is triggered by .gitlab-ci.yml +# +# It depends on: +# * leap_platform: in ../.. +# * test provider: in provider/ +# * leap-platform-test: installed in path +# + +# leap_platform/tests/platform-ci +export ROOTDIR=$(readlink -f "$(dirname $0)") + +# leap_platform/tests/platform-ci/provider +export PROVIDERDIR="${ROOTDIR}/provider" + +# leap_platform +export PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") + +# leap_platform/builds +export BUILDSDIR="${PLATFORMDIR}/builds" +export LOCKDIR="${PLATFORMDIR}/builds/lock" +export LOGDIR="${PLATFORMDIR}/builds/log" + +export CONTACTS="sysdev@leap.se" +export MAIL_TO=$CONTACTS +export OPTS='--yes' +export FILTER_COMMON="" +export LEAP_CMD="bundle exec leap" + +echo "CI directory: ${ROOTDIR}" +echo "Provider directory: ${PROVIDERDIR}" +echo "Platform directory: ${PLATFORMDIR}" + +# create node(s) with unique id so we can run tests in parallel +export TAG="build${CI_BUILD_ID}" +[ -d "${PROVIDERDIR}/tags" ] || mkdir "${PROVIDERDIR}/tags" +echo '{}' > "${PROVIDERDIR}/tags/${TAG}.json" + +export IP_SUFFIX_START='100' +export NODES="single${TAG}:couchdb,soledad,mx,webapp,openvpn,tor,monitor,obfsproxy" +leap-platform-test add_nodes "$NODES" +leap-platform-test -v init_deploy +leap-platform-test -v test + +cd $PROVIDERDIR +$LEAP_CMD info "${TAG}" +$LEAP_CMD local destroy "${TAG}" diff --git a/tests/platform-ci/provider/.platform-test.conf b/tests/platform-ci/provider/.platform-test.conf deleted file mode 100644 index 621fb7b7..00000000 --- a/tests/platform-ci/provider/.platform-test.conf +++ /dev/null @@ -1,13 +0,0 @@ -export ROOTDIR=$(pwd) - -export PROVIDERDIR="${ROOTDIR}/tests/puppet/provider" -export PLATFORMDIR="$ROOTDIR" -export LOGDIR="$ROOTDIR/builds/log" - -export CONTACTS="sysdev@leap.se" -export MAIL_TO=$CONTACTS - -export OPTS='--yes' -export FILTER_COMMON="" - -export LEAP_CMD="bundle exec leap" diff --git a/tests/platform-ci/provider/Leapfile b/tests/platform-ci/provider/Leapfile index f54c9293..4852aed7 100644 --- a/tests/platform-ci/provider/Leapfile +++ b/tests/platform-ci/provider/Leapfile @@ -1 +1 @@ -@platform_directory_path = "../../.." +@platform_directory_path = File.expand_path("../../../..", __FILE__) diff --git a/tests/platform-ci/setup.sh b/tests/platform-ci/setup.sh index 69a348b8..e676ca37 100755 --- a/tests/platform-ci/setup.sh +++ b/tests/platform-ci/setup.sh @@ -1,4 +1,4 @@ #!/bin/sh which bundle || apt install bundle -bundle install --binstubs --path=vendor --with=test \ No newline at end of file +bundle install --binstubs --path=vendor --with=test --jobs $(nproc) \ No newline at end of file -- cgit v1.2.3 From d679399af0898b959b8b84a8e8d1e2e03c4e21b5 Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 31 Aug 2016 15:41:55 -0700 Subject: cherry pick from "break on every deploy error" --- tests/platform-ci/ci-build.sh | 3 +++ 1 file changed, 3 insertions(+) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 38040716..63699e02 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -35,6 +35,9 @@ echo "CI directory: ${ROOTDIR}" echo "Provider directory: ${PROVIDERDIR}" echo "Platform directory: ${PLATFORMDIR}" +# exit if any commands returns non-zero status +set -e + # create node(s) with unique id so we can run tests in parallel export TAG="build${CI_BUILD_ID}" [ -d "${PROVIDERDIR}/tags" ] || mkdir "${PROVIDERDIR}/tags" -- cgit v1.2.3 From 17ecb63304e315be248fe754d14d240749ee2d89 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 11 Oct 2016 10:30:40 +0200 Subject: Use puppet-catalog-test from git to circumvent deprecation warn --- tests/platform-ci/Gemfile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/Gemfile b/tests/platform-ci/Gemfile index aea88237..36f556e5 100644 --- a/tests/platform-ci/Gemfile +++ b/tests/platform-ci/Gemfile @@ -2,7 +2,7 @@ source "https://rubygems.org" group :test do gem "rake" - gem "rspec", '< 3.2.0' + gem "rspec" gem "puppet", ENV['PUPPET_VERSION'] || ENV['GEM_PUPPET_VERSION'] || ENV['PUPPET_GEM_VERSION'] || '~> 3.8' gem "facter", ENV['FACTER_VERSION'] || ENV['GEM_FACTER_VERSION'] || ENV['FACTER_GEM_VERSION'] || '~> 2.2.0' gem "rspec-puppet" @@ -10,6 +10,8 @@ group :test do gem "metadata-json-lint" gem "rspec-puppet-facts" gem "mocha" - gem "puppet-catalog-test" + # Use puppet-catalog-test from git because last released gem 0.4.2 gives a deprecation + # warning: "[DEPRECATION] `last_comment` is deprecated. Please use `last_description` instead." + gem "puppet-catalog-test", :git => 'https://github.com/invadersmustdie/puppet-catalog-test.git' gem "leap_cli", :git => 'https://leap.se/git/leap_cli.git', :branch => 'develop' end -- cgit v1.2.3 From 3d0aa5a22ca34a8bc4f97b9321e8f3a61cab439a Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 11 Oct 2016 10:58:23 +0200 Subject: Lint ci-build.sh --- tests/platform-ci/ci-build.sh | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 63699e02..a156f314 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -12,13 +12,17 @@ # # leap_platform/tests/platform-ci -export ROOTDIR=$(readlink -f "$(dirname $0)") +export ROOTDIR +# shellcheck disable=SC2086 +ROOTDIR=$(readlink -f "$(dirname $0)") # leap_platform/tests/platform-ci/provider -export PROVIDERDIR="${ROOTDIR}/provider" +export PROVIDERDIR +PROVIDERDIR="${ROOTDIR}/provider" # leap_platform -export PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") +export PLATFORMDIR +PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") # leap_platform/builds export BUILDSDIR="${PLATFORMDIR}/builds" @@ -49,6 +53,6 @@ leap-platform-test add_nodes "$NODES" leap-platform-test -v init_deploy leap-platform-test -v test -cd $PROVIDERDIR +cd "$PROVIDERDIR" $LEAP_CMD info "${TAG}" $LEAP_CMD local destroy "${TAG}" -- cgit v1.2.3 From 6b02b7165866a51692e4aba0b9d29949c6f3fc3f Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 11 Oct 2016 11:31:53 +0200 Subject: Dont track provider/files/ssh/known_hosts --- tests/platform-ci/provider/files/ssh/known_hosts | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 tests/platform-ci/provider/files/ssh/known_hosts (limited to 'tests') diff --git a/tests/platform-ci/provider/files/ssh/known_hosts b/tests/platform-ci/provider/files/ssh/known_hosts deleted file mode 100644 index 50bc01fd..00000000 --- a/tests/platform-ci/provider/files/ssh/known_hosts +++ /dev/null @@ -1,4 +0,0 @@ -# -# This file is automatically generated by the command `leap`. You should NOT modify this file. -# Instead, rerun `leap node init` on whatever node is causing SSH problems. -# -- cgit v1.2.3 From fe9963950d9721f1c1e7be4208cc0c92061f997f Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 11 Oct 2016 12:13:16 +0200 Subject: Dont track facts.json and users/gitlab-runner --- tests/platform-ci/provider/facts.json | 1 - tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub | 1 - 2 files changed, 2 deletions(-) delete mode 100644 tests/platform-ci/provider/facts.json delete mode 100644 tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub (limited to 'tests') diff --git a/tests/platform-ci/provider/facts.json b/tests/platform-ci/provider/facts.json deleted file mode 100644 index 0967ef42..00000000 --- a/tests/platform-ci/provider/facts.json +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub b/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub deleted file mode 100644 index 1a3c370d..00000000 --- a/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDkRxRRgaSmpzm1tOJMmvOrge/V7fQ9O0q/A+Ez0OlC0LC25ar0gPtm2aKjk3sIThA/C4jA9pGKn4Bi2TEh70NEUoTsrpRfFa8t3VRi3AdvMQ1gHdz53rZ+ZEk92Jf9DyP7pvJa0rKAL02bMAIugDqXXIW4KfrBZYZ30xCUywgl/0pqaQKidi2sFiFMeC36mW/YiomgXq6zmdZAI7h3/Vn4QWFVl/JJr+5MSVfYdG8wWgdnddAUC6gvsYsFP48e+gBeK0ueqHVMrEj2MB7WQ9h9zqPwzdcB6LcdbMgiFxxgpSdyy1DP4AW6PYkTOHPo4GjdU8/THXB9Ad/kr8vk7fOf gitlab-runner@greyhound -- cgit v1.2.3 From b039165ffd21c031980a67a840c55698a4a4803c Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 11 Oct 2016 14:58:24 +0200 Subject: Use leap vm for ci builds --- tests/platform-ci/ci-build.sh | 77 ++++++++++++++++++++++++++++--------------- 1 file changed, 51 insertions(+), 26 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index a156f314..21ea015f 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # # This script will run create a virtual provider # and run tests on it. @@ -10,6 +10,12 @@ # * test provider: in provider/ # * leap-platform-test: installed in path # +# Todo: +# - Running locally works fine, now use it in gitlab CI ( which ssh-key ? create cloud.json from env vars ) +# - Speed up vm boot if possible ( right now 3-4mins ) + +# exit if any commands returns non-zero status +set -e # leap_platform/tests/platform-ci export ROOTDIR @@ -24,35 +30,54 @@ PROVIDERDIR="${ROOTDIR}/provider" export PLATFORMDIR PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") -# leap_platform/builds -export BUILDSDIR="${PLATFORMDIR}/builds" -export LOCKDIR="${PLATFORMDIR}/builds/lock" -export LOGDIR="${PLATFORMDIR}/builds/log" +LEAP_CMD="/usr/local/bin/bundle exec leap -v2 --yes" -export CONTACTS="sysdev@leap.se" -export MAIL_TO=$CONTACTS -export OPTS='--yes' -export FILTER_COMMON="" -export LEAP_CMD="bundle exec leap" - -echo "CI directory: ${ROOTDIR}" -echo "Provider directory: ${PROVIDERDIR}" -echo "Platform directory: ${PLATFORMDIR}" +# create node(s) with unique id so we can run tests in parallel +NAME="citest${CI_BUILD_ID}" +TAG='single' +SERVICES='couchdb,soledad,mx,webapp,tor,monitor' +SEEDS='sources.platform.apt.basic:http://deb.leap.se/experimental-0.9 sources.webapp.revision:develop sources.nickserver.revision:master' -# exit if any commands returns non-zero status -set -e -# create node(s) with unique id so we can run tests in parallel -export TAG="build${CI_BUILD_ID}" -[ -d "${PROVIDERDIR}/tags" ] || mkdir "${PROVIDERDIR}/tags" -echo '{}' > "${PROVIDERDIR}/tags/${TAG}.json" +# +# Main +# -export IP_SUFFIX_START='100' -export NODES="single${TAG}:couchdb,soledad,mx,webapp,openvpn,tor,monitor,obfsproxy" -leap-platform-test add_nodes "$NODES" -leap-platform-test -v init_deploy -leap-platform-test -v test +/bin/echo "CI directory: ${ROOTDIR}" +/bin/echo "Provider directory: ${PROVIDERDIR}" +/bin/echo "Platform directory: ${PLATFORMDIR}" cd "$PROVIDERDIR" + +# Ensure we don't output secret stuff to console even when running in verbose mode with -x +set +x + +# Create cloud.json needed for `leap vm` commands using AWS credentials +which jq || ( apt-get update -y && apt-get install jq -y ) +/usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json + +# Configure ssh keypair +[ -d ~/.ssh ] || /bin/mkdir ~/.ssh +/bin/echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa +/bin/chmod 600 ~/.ssh/id_rsa +/bin/cp users/gitlab-runner/gitlab-runner_ssh.pub ~/.ssh/id_rsa.pub + +[ -d "./tags" ] || mkdir "./tags" +/bin/echo "{\"environment\": \"$TAG\"}" | /usr/bin/json_pp > "${PROVIDERDIR}/tags/${TAG}.json" + +$LEAP_CMD vm status "$TAG" +# shellcheck disable=SC2086 +$LEAP_CMD vm add "$NAME" services:"$SERVICES" tags:"$TAG" $SEEDS +$LEAP_CMD compile "$TAG" +$LEAP_CMD vm status "$TAG" + +$LEAP_CMD node init "$TAG" $LEAP_CMD info "${TAG}" -$LEAP_CMD local destroy "${TAG}" + +# Deploy and test +$LEAP_CMD deploy "$TAG" +$LEAP_CMD test "$TAG" + +# if everything succeeds, destroy the vm +$LEAP_CMD vm rm "${TAG}" +[ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" -- cgit v1.2.3 From a0416d6da152831c92898effa0cb4268180e21c8 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 14 Oct 2016 19:02:41 +0200 Subject: Checkin cloud.json template without credentials --- tests/platform-ci/provider/cloud.json.template | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 tests/platform-ci/provider/cloud.json.template (limited to 'tests') diff --git a/tests/platform-ci/provider/cloud.json.template b/tests/platform-ci/provider/cloud.json.template new file mode 100644 index 00000000..28152e82 --- /dev/null +++ b/tests/platform-ci/provider/cloud.json.template @@ -0,0 +1,15 @@ +{ + "platform_ci": { + "api": "aws", + "vendor": "aws", + "auth": { + "region": "us-west-2", + "aws_access_key_id": "", + "aws_secret_access_key": "" + }, + "default_image": "ami-2a34e94a", + "default_options": { + "InstanceType": "t2.small" + } + } +} -- cgit v1.2.3 From 1438c4d5ed1c4fb63c8003f8bd3cbca78ce0252c Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 14 Oct 2016 19:41:29 +0200 Subject: Add public sshkey of gitlab-runner for platform builds --- tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub | 1 + 1 file changed, 1 insertion(+) create mode 100644 tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub (limited to 'tests') diff --git a/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub b/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub new file mode 100644 index 00000000..3e72b70f --- /dev/null +++ b/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEtniDgIYEm4WtGgiQsZKBpY8x3tbzDBIoMLbZT496juCu4c3f+F5KkMPLmYRPcAupF8tVf+j7Fns7z69PuTjdGfe/cA9CTw/4sNAu3iLpunGR0d2Wtctez5mwz13bKRu9fck3H9p2F9Z47vMKtRTJJ6iIgaUVWU/eFd/MSMJeUVd2ns4Wr7SkHCBB3PV+QL1xl4+AZsUtnGVQ5cE4MZZFia/g6SlrKQYFtLRVIIpDuuaDSvULg1BFMhSCBDNygts8dKTJsCEQYeGVvHZaDwtKTnMqEIwBP4TkIoP+YWnZTPrGywFEJOlZ8b+4HdgdUAFLcFCycWMM9nVcWX7P2lIN gitlab-runner_ssh -- cgit v1.2.3 From 65c7e65282a40e72d077d1462cc33e734505269c Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 14 Oct 2016 19:57:52 +0200 Subject: Include secret variables from gitlab ci settings - Assemble cloud.json from aws credential env vars - Deploy ssh private key from env var --- tests/platform-ci/ci-build.sh | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 21ea015f..5872bf57 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -9,6 +9,11 @@ # * leap_platform: in ../.. # * test provider: in provider/ # * leap-platform-test: installed in path +# * AWS credentials as environment variables: +# * `AWS_ACCESS_KEY` +# * `AWS_SECRET_KEY` +# * ssh private key used to login to remove vm +# * `SSH_PRIVATE_KEY` # # Todo: # - Running locally works fine, now use it in gitlab CI ( which ssh-key ? create cloud.json from env vars ) -- cgit v1.2.3 From 3728f820ca684798a5579fc445733ef531351bb7 Mon Sep 17 00:00:00 2001 From: varac Date: Sat, 15 Oct 2016 22:02:11 +0200 Subject: Use caching in setup.sh --- tests/platform-ci/setup.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/setup.sh b/tests/platform-ci/setup.sh index e676ca37..39ef3130 100755 --- a/tests/platform-ci/setup.sh +++ b/tests/platform-ci/setup.sh @@ -1,4 +1,4 @@ #!/bin/sh -which bundle || apt install bundle -bundle install --binstubs --path=vendor --with=test --jobs $(nproc) \ No newline at end of file +which bundle || /usr/bin/apt install bundle +/usr/local/bin/bundle install --binstubs --path=/var/cache/gitlab-runner/ --with=test --jobs "$(nproc)" -- cgit v1.2.3 From 03e7a5ddd745524a392ec4ad4c0773cfafbef1dd Mon Sep 17 00:00:00 2001 From: varac Date: Sat, 15 Oct 2016 23:03:49 +0200 Subject: Use random vm name when running local when using gitlab-runner locally, CI_BUILD_ID is always 1 which will conflict with running/terminating AWS instances in subsequent runs therefore we pick a random number in this case --- tests/platform-ci/ci-build.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 5872bf57..e67c2a76 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -23,22 +23,24 @@ set -e # leap_platform/tests/platform-ci -export ROOTDIR # shellcheck disable=SC2086 ROOTDIR=$(readlink -f "$(dirname $0)") # leap_platform/tests/platform-ci/provider -export PROVIDERDIR PROVIDERDIR="${ROOTDIR}/provider" # leap_platform -export PLATFORMDIR PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") LEAP_CMD="/usr/local/bin/bundle exec leap -v2 --yes" # create node(s) with unique id so we can run tests in parallel NAME="citest${CI_BUILD_ID}" +# when using gitlab-runner locally, CI_BUILD_ID is always 1 which +# will conflict with running/terminating AWS instances in subsequent runs +# therefore we pick a random number in this case +[ "$CI_BUILD_ID" -eq "1" ] && NAME+="000${RANDOM}" + TAG='single' SERVICES='couchdb,soledad,mx,webapp,tor,monitor' SEEDS='sources.platform.apt.basic:http://deb.leap.se/experimental-0.9 sources.webapp.revision:develop sources.nickserver.revision:master' -- cgit v1.2.3 From d834b1de3c90ed1f5416ba637e2d5d5c8e81acd5 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 18 Oct 2016 21:26:25 +0200 Subject: Fix Are_daemons_running test for nickserver --- tests/server-tests/white-box/webapp.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/server-tests/white-box/webapp.rb b/tests/server-tests/white-box/webapp.rb index 40c234d6..da1ec8c5 100644 --- a/tests/server-tests/white-box/webapp.rb +++ b/tests/server-tests/white-box/webapp.rb @@ -28,7 +28,7 @@ class Webapp < LeapTest def test_03_Are_daemons_running? assert_running '^/usr/sbin/apache2' - assert_running '^/usr/bin/ruby /usr/bin/nickserver' + assert_running '^ruby /usr/bin/nickserver' pass end -- cgit v1.2.3 From e04f0e42c24ee37b55cfd23761c73471e0eeb816 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 25 Oct 2016 09:20:31 -0400 Subject: Change CI build webapp source branch to master. The develop branch was removed, and current master is the same as develop was before. --- tests/platform-ci/ci-build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index e67c2a76..85557b3f 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -43,7 +43,7 @@ NAME="citest${CI_BUILD_ID}" TAG='single' SERVICES='couchdb,soledad,mx,webapp,tor,monitor' -SEEDS='sources.platform.apt.basic:http://deb.leap.se/experimental-0.9 sources.webapp.revision:develop sources.nickserver.revision:master' +SEEDS='sources.platform.apt.basic:http://deb.leap.se/experimental-0.9 sources.webapp.revision:master sources.nickserver.revision:master' # -- cgit v1.2.3